/usr/bin/tomboy from app-misc/tomboy contains line:
which yields to LD_LIBRARY_PATH="/usr/lib64/tomboy:", what means that required libraries are also looked up in current directory. In the case of tomboy, it is usually user's home directory, but user may run application from directories like /tmp as well. If someone is able to copy bogus system libraries to this directory, user could potentially run enemy code.
Steps to Reproduce:
1. copy bogus glibc to ~
2. run tomboy
*** This bug has been marked as a duplicate of bug 189249 ***