Felix Schwarz

**Name of the Vulnerable Software and Affected Versions** suPHP versions prior to 0.6.3 **Description** The issue allows local users to gain privileges through a race condition involving multiple symlink changes to point a file owned by a different user, or a symlink to the directory of a different user. This can lead to disruption of confidentiality, integrity, and availability of protected information. The exploitation can be carried out by a local attacker who has passed the authentication procedure. **Recommendations** For versions prior to 0.6.3, update to version 0.6.3 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive files and directories to minimize the risk of exploitation.