libtool attempts to create a temporary directory in
which to write scratch files needed during processing. A
malicious user may create a symlink and then manipulate
the directory so as to write to files to which she normally
has no permissions.
This has been reported as a ``symlink vulnerability'',
although I do not think that is an accurate description.
This vulnerability could possibly be used on a multi-user
system to gain elevated privileges, e.g. root builds some
packages, and another user successfully exploits this
vulnerability to write to a system file.