xSANE 0.81 and earlier allows local users to modify files of other xSANE users via a symlink attack on temporary files.