GINA in Windows NT 4.0 allows attackers with physical access to display a portion of the clipboard of the user who has locked the workstation by pasting (CTRL-V) the contents into the username prompt.
https://exchange.xforce.ibmcloud.com/vulnerabilities/1975
http://www.securityfocus.com/bid/198
http://support.microsoft.com/support/kb/articles/q214/8/02.asp
http://marc.info/?l=ntbugtraq&m=91822011021558&w=2