Format string vulnerability in nvi before 1.79 allows local users to gain privileges via format string specifiers in a filename.
CVSS Metrics
