Launchpad.net

CVE 2012-0733

IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1, when Integrated Windows authentication is used, allows remote authenticated users to obtain administrative privileges by hijacking a session associated with the service account.

See the CVE page on Mitre.org for more details.

References