Certain scripts in OpenServer prior to 5.0.6 allow local users to overwrite files and conduct other unauthorized activities via a symlink attack on temporary files.
sco openserver 5.0.5