CVE-2014-5260
The (1) mkxmltype and (2) mkdtskel scripts in XML-DT before 0.64 allow local users to overwrite arbitrary files via a symlink attack on a /tmp/_xml_##### temporary file.
Date published : 2014-08-15
https://bugs.debian.org/756566
https://metacpan.org/diff/file?target=AMBS/XML-DT-0.64/&source=AMBS/XML-DT-0.63/