VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Dec 23, 2002· Updated Apr 16, 2026

CVE-2002-1325

CVE-2002-1325

Description

Microsoft Virtual Machine (VM) build 5.0.3805 and earlier allows remote attackers to determine a local user's username via a Java applet that accesses the user.dir system property, aka "User.dir Exposure Vulnerability."

Affected products

43
  • Microsoft/Windows 20004 versions
    cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*
  • Microsoft/Windows 2000 Terminal Services4 versions
    cpe:2.3:o:microsoft:windows_2000_terminal_services:*:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:o:microsoft:windows_2000_terminal_services:*:*:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2000_terminal_services:*:sp1:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2000_terminal_services:*:sp2:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2000_terminal_services:*:sp3:*:*:*:*:*:*
  • Microsoft/Windows 952 versions
    cpe:2.3:o:microsoft:windows_95:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:microsoft:windows_95:*:*:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_95:*:sr2:*:*:*:*:*:*
  • Microsoft/Windows 98
    cpe:2.3:o:microsoft:windows_98:*:gold:*:*:*:*:*:*
  • Microsoft/Windows 98se
    cpe:2.3:o:microsoft:windows_98se:*:*:*:*:*:*:*:*
  • Microsoft/Windows Me
    cpe:2.3:o:microsoft:windows_me:*:*:*:*:*:*:*:*
  • Microsoft/Windows Nt28 versions
    cpe:2.3:o:microsoft:windows_nt:4.0:sp1:enterprise_server:*:*:*:*:*+ 27 more
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp1:enterprise_server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp1:server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp1:terminal_server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp1:workstation:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp2:enterprise_server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp2:server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp2:terminal_server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp2:workstation:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp3:enterprise_server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp3:server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp3:terminal_server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp3:workstation:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp4:enterprise_server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp4:server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp4:terminal_server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp4:workstation:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp5:enterprise_server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp5:server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp5:terminal_server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp5:workstation:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:enterprise_server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:terminal_server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:workstation:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp6:enterprise_server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp6:server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp6:terminal_server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:sp6:workstation:*:*:*:*:*
  • Microsoft/Windows Xp2 versions
    cpe:2.3:o:microsoft:windows_xp:*:gold:professional:*:*:*:*:*+ 1 more
    • cpe:2.3:o:microsoft:windows_xp:*:gold:professional:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_xp:*:sp1:home:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

2

News mentions

0

No linked articles in our index yet.