CVE-2006-4763

2006-09-13T23:07:00
ID CVE-2006-4763
Type cve
Reporter cve@mitre.org
Modified 2018-10-17T21:39:00

Description

IBM Lotus Domino Web Access (DWA) 7.0.1 does not expire a client's Lightweight Third-Party Authentication token (LtpaToken) upon logout, which allows remote attackers to obtain a user's privileges by intercepting the LtpaToken cookie.