CVE-2005-0988
Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is complete.
Date published : 2005-04-06
http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html