makewhatis in Linux man package allows local users to overwrite files via a symlink attack.
CVSS Metrics
