From LinuxSecurity.com: Hidden deep within its code is a format string vulnerability which can be triggered simply by attempting to decrypt a file
with a specially crafted filename. This vulnerability can allow a malicious user to gain unathorized access to the account
which attempted the decryption.
May 30, 2001