dialog allows local users to overwrite arbitrary files via a symlink attack to gain privileges on the system. The dialog program creates lock-files in the /tmp directory insecurely. A local attacker could leverage this vulnerability to create a symbolic link in /tmp and overwrite or corrupt sensitive files owned by another user.
Upgrade to version dialog_0.9a-20000118-3bis or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.