CVE-2005-1590

ACLIENT.EXE 6.0.88 - Privilege Escalation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-1590. PoCs published by Reed Arvin.

AI-analyzed exploit summary This exploit leverages a local privilege escalation vulnerability in Altiris Deployment Solution Client by abusing the 'View Log File' functionality to launch a SYSTEM-level command shell via Notepad's file dialog.

Description

The Altiris Client Service for Windows (ACLIENT.EXE) 6.0.88 allows local users to disable password protection and access the administrative interface by finding and showing the "Altiris Client Service" hidden window, disabling the password protection, disabling the "Hide client tray icon box" option, then opening the AClient tray icon and using the View Log File option, a different vulnerability than CVE-2004-2070.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Reed Arvin · textlocalwindows
https://www.exploit-db.com/exploits/24754

This exploit leverages a local privilege escalation vulnerability in Altiris Deployment Solution Client by abusing the 'View Log File' functionality to launch a SYSTEM-level command shell via Notepad's file dialog.

Classification
Working Poc 100%
Attack Type
Lpe
Complexity
Trivial
Reliability
Reliable
Target: Altiris Deployment Solution Client 5.6 SP1 (Hotfix E)
Auth required
Prerequisites: Local access to the system · Altiris Client Service running in the system tray
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Exploit, Vendor Advisory vdb-entry x_refsource_osvdb
http://www.osvdb.org/15897
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/15159
Exploit, Vendor Advisory mailing-list x_refsource_fulldisc
http://archives.neohapsis.com/archives/fulldisclosure/2005-04/0614.html

Scores

EPSS 0.0092
EPSS Percentile 55.6%

Details

Status published
Products (4)
altiris/client_service 6.0.88
altiris/deployment_solution 5.6 sp1
altiris/deployment_solution 5.6.181
altiris/deployment_solution 6.0
Published May 16, 2005
Tracked Since Feb 18, 2026