Feynmf · Feynmf · CVE-2007-5940
**Name of the Vulnerable Software and Affected Versions**
feynmf version 1.08
**Description**
The issue allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack on the `feynmf$$.pl` temporary file. This is related to the `feynmf.pl` script in feynmf, which is used in TeXLive 2007.
**Recommendations**
For feynm version 1.08, consider restricting access to the `feynmf.pl` script until a patch is available. As a temporary workaround, avoid using the `feynmf.pl` script to minimize the risk of exploitation.