Vulnerability in Microsoft Windows_2000

CVE-2002-1325

Microsoft Virtual Machine (VM) build 5.0.3805 and earlier allows remote attackers to determine a local user's username via a Java applet that accesses the user.dir system property, aka "User.dir Exposure Vulnerability."

EPSS: 0.139 (96.0th percentile) — read the EPSS interpretation.

Affected products

Microsoft Windows_2000
Microsoft Windows_2000_terminal_services
Microsoft Windows_95
Microsoft Windows_98
Microsoft Windows_98se
Microsoft Windows_me
Microsoft Windows_nt — versions 4.0
Microsoft Windows_xp
N/a — versions n/a

References

cve@mitre.org (x_refsource_MS, vendor-advisory)
cve@mitre.org (vdb-entry, x_refsource_BID)