PHP Improper Link Resolution Before File Access (Link Following) Vulnerability - CVE-2007-4652

The session extension in PHP before 5.2.4 might allow local users to bypass open_basedir restrictions via a session file that is a symlink.