PT-2007-5556 · Condusiv · Diskeeper

Published: 2007-08-16 · Updated: 2018-10-15 · CVE-2007-4375

CVSS v2.0: 5.8 (Medium)

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:P

Name of the Vulnerable Software and Affected Versions

Diskeeper versions 9 Professional, 2007 Pro Premier

Description

The administrative interface in Diskeeper exposes a memory comparison function via RPC over TCP, allowing remote attackers to obtain sensitive information, such as process memory contents, or cause a denial of service by crashing the application. This can be used to obtain module base addresses, potentially defeating Address Space Layout Randomization (ASLR).

Recommendations

For Diskeeper versions 9 Professional and 2007 Pro Premier, consider disabling the RPC service over TCP to prevent remote exploitation until a patch is available. Restrict access to the administrative interface to minimize the risk of sensitive information disclosure or application crash.


Related Identifiers

CVE-2007-4375

Affected Products

Diskeeper