Geert Moernaut LSrunasE allows local users to gain privileges by obtaining the encrypted password from a batch file, and constructing a modified batch file that specifies this password in the /password switch and specifies an arbitrary program in the /command switch.

More... (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0581)