Arbitrary Command Execution via Altiris Client Service Tray Icon in Windows 5.6 SP1 Hotfix E (5.6.181)

Arbitrary Command Execution via Altiris Client Service Tray Icon in Windows 5.6 SP1 Hotfix E (5.6.181)

CVE-2004-2070 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

The Altiris Client Service for Windows 5.6 SP1 Hotfix E (5.6.181) allows local users to execute arbitrary commands by opening the AClient tray icon and using the View Log File option, a different vulnerability than CVE-2005-1590.

Learn more about our User Device Pen Test.