AIX vi(1) Insecure Temporary File Creation Vulnerability

AIX vi(1) Insecure Temporary File Creation Vulnerability

The vi(1) program under certain versions of AIX will follow symlinks when creating /var/tmp/Ex* temp files. This allows malicous users to symlink to these files and overwrite other system files at the privilege level of the user executing the program.