CVE-2006-5328
OpenBase SQL 10.0 and earlier, as used in Apple Xcode 2.2 2.2 and earlier and possibly other products, allows local users to create arbitrary files via a symlink attack on the simulation.sql file.
Date published : 2006-10-17
http://lists.apple.com/archives/security-announce/2007/Oct/msg00001.html