Lucene search
HistorySep 01, 2004 - 4:00 a.m.
CVE-2002-1325
cve-2002-1325
microsoft virtual machine
vm
user.dir exposure vulnerability
username disclosure
nvd
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.4 Medium
AI Score
Confidence
Low
0.011 Low
EPSS
Percentile
84.6%
Microsoft Virtual Machine (VM) build 5.0.3805 and earlier allows remote attackers to determine a local user’s username via a Java applet that accesses the user.dir system property, aka “User.dir Exposure Vulnerability.”
Affected configurations
Node
microsoftwindows_2000
ORmicrosoftwindows_2000sp1
ORmicrosoftwindows_2000sp2
ORmicrosoftwindows_2000sp3
ORmicrosoftwindows_2000_terminal_services
ORmicrosoftwindows_2000_terminal_servicessp1
ORmicrosoftwindows_2000_terminal_servicessp2
ORmicrosoftwindows_2000_terminal_servicessp3
ORmicrosoftwindows_95
ORmicrosoftwindows_95sr2
ORmicrosoftwindows_98gold
ORmicrosoftwindows_98se
ORmicrosoftwindows_me
ORmicrosoftwindows_ntMatch4.0sp1enterprise_server
ORmicrosoftwindows_ntMatch4.0sp1server
ORmicrosoftwindows_ntMatch4.0sp1terminal_server
ORmicrosoftwindows_ntMatch4.0sp1workstation
ORmicrosoftwindows_ntMatch4.0sp2enterprise_server
ORmicrosoftwindows_ntMatch4.0sp2server
ORmicrosoftwindows_ntMatch4.0sp2terminal_server
ORmicrosoftwindows_ntMatch4.0sp2workstation
ORmicrosoftwindows_ntMatch4.0sp3enterprise_server
ORmicrosoftwindows_ntMatch4.0sp3server
ORmicrosoftwindows_ntMatch4.0sp3terminal_server
ORmicrosoftwindows_ntMatch4.0sp3workstation
ORmicrosoftwindows_ntMatch4.0sp4enterprise_server
ORmicrosoftwindows_ntMatch4.0sp4server
ORmicrosoftwindows_ntMatch4.0sp4terminal_server
ORmicrosoftwindows_ntMatch4.0sp4workstation
ORmicrosoftwindows_ntMatch4.0sp5enterprise_server
ORmicrosoftwindows_ntMatch4.0sp5server
ORmicrosoftwindows_ntMatch4.0sp5terminal_server
ORmicrosoftwindows_ntMatch4.0sp5workstation
ORmicrosoftwindows_ntMatch4.0sp6enterprise_server
ORmicrosoftwindows_ntMatch4.0sp6server
ORmicrosoftwindows_ntMatch4.0sp6terminal_server
ORmicrosoftwindows_ntMatch4.0sp6workstation
ORmicrosoftwindows_ntMatch4.0sp6aenterprise_server
ORmicrosoftwindows_ntMatch4.0sp6aserver
ORmicrosoftwindows_ntMatch4.0sp6aterminal_server
ORmicrosoftwindows_ntMatch4.0sp6aworkstation
ORmicrosoftwindows_xpgoldprofessional
ORmicrosoftwindows_xpsp1home
Related
nvd
nvd
CVE-2002-1325
2002-12-23 05:00:00
cert
cert
cvelist
cvelist
CVE-2002-1325
2004-09-01 04:00:00
nessus
nessus
MS02-052: Flaw in Microsoft VM Could Allow Code Execution (810030)
2002-11-28 00:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.4 Medium
AI Score
Confidence
Low
0.011 Low
EPSS
Percentile
84.6%
Related for CVE-2002-1325