CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:S/C:P/I:P/A:P
EPSS
Percentile
5.1%
suPHP before 0.6.3 allows local users to gain privileges via (1) a race
condition that involves multiple symlink changes to point a file owned by a
different user, or (2) a symlink to the directory of a different user,
which is used to determine privileges.