Researchers were surprised to find that their Time of Check to Time of Use (TOCTOU) attack succeeded 85% of the time, even when the critical operations were "separated only by a few milliseconds."
To better understand this vulnerability and what you can do, read:
Winning the race against TOCTOU vulnerabilities in C & C++
by G. Ann Campbell
From the article:
With TOCTOU, the idea is that there's a window of opportunity between when a privileged program checks a file (Does the file exist? Are permissions okay for what we're about to do? …) and when it operates on that file (Create the file. Write to the file. …). In that window, an attacker could replace the file with e.g. a symlink to `/etc/passwd`, and the operation you meant to perform on `/home/ann/tmp` happens to an important system file instead.
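The check-then-use window from the excerpt, made deterministic in C and set beside a hardened variant. This is an added example, not code from the article; the function names, the `window` callback standing in for the race, the owner policy and the temp-dir paths are all assumptions made for the illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

static char victim[64], target[64];    /* constructed paths in a private temp dir */
static void swap_for_symlink(void) {   /* hypothetical hook: the swap from the excerpt */
    if (unlink(victim) != 0 || symlink(target, victim) != 0) perror("swap");
}
/* Check-then-use: access() and open() each resolve the path on their own. */
int append_racy(const char *path, const char *msg, void (*window)(void)) {
    if (access(path, W_OK) != 0) return -1;       /* time of check */
    window();                                     /* anything can run in this gap */
    int fd = open(path, O_WRONLY | O_APPEND);     /* time of use, follows symlinks */
    if (fd < 0) return -1;
    int rc = write(fd, msg, strlen(msg)) < 0 ? -1 : 0;
    close(fd);
    return rc;
}

/* Hardened: resolve the path once, refuse a symlink as the last component, then
 * check the opened object itself (example policy: regular file, owned by caller). */
int append_safe(const char *path, const char *msg) {
    struct stat st;
    int fd = open(path, O_WRONLY | O_APPEND | O_NOFOLLOW);
    if (fd < 0) return -1;
    int ok = fstat(fd, &st) == 0 && S_ISREG(st.st_mode) && st.st_uid == getuid();
    int rc = ok && write(fd, msg, strlen(msg)) >= 0 ? 0 : -1;
    close(fd);
    return rc;
}
/* Builds the scenario in a fresh temp dir (left behind for inspection) and
 * returns how many bytes ended up in the file the caller never named. */
long bytes_reaching_target(int hardened) {
    char dir[] = "/tmp/toctou-XXXXXX";
    struct stat st;
    if (!mkdtemp(dir)) return -1;
    snprintf(victim, sizeof victim, "%s/scratch", dir);
    snprintf(target, sizeof target, "%s/important", dir);
    close(open(victim, O_CREAT | O_WRONLY, 0600));
    close(open(target, O_CREAT | O_WRONLY, 0600));
    if (hardened) { swap_for_symlink(); append_safe(victim, "data\n"); }
    else append_racy(victim, "data\n", swap_for_symlink);
    return stat(target, &st) == 0 ? (long)st.st_size : -1;
}
int main(void) {
    printf("racy=%ld hardened=%ld\n", bytes_reaching_target(0), bytes_reaching_target(1));
}
```

`O_NOFOLLOW` covers only the final path component; a directory earlier in the path that another user can write needs its own handling, for example opening the directory first and using `openat()` relative to it.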