login_screen.tcl in aMSN (aka Alvaro's Messenger) before 0.97.1 saves a password after logout, which allows physically proximate attackers to hijack a session by visiting an unattended workstation.
CVSS Score
4.6
EPSS Score
0.001
Published
2010-04-20
aMSN 0.90 for Microsoft Windows allows local users to obtain sensitive information such as hashed passwords from (1) hotlog.htm and (2) config.xml.
CVSS Score
2.1
EPSS Score
0.001
Published
2004-12-31