CVE-2007-4375

NONECVSS 0.0

0.0

The administrative interface (aka DkService.exe) in Diskeeper 9 Professional, 2007 Pro Premier, and probably other versions exposes a memory comparison function via RPC over TCP, which allows remote attackers to (1) obtain sensitive information (process memory contents), as demonstrated by an attack that obtains module base addresses to defeat Address Space Layout Randomization (ASLR); or (2) cause a denial of service (application crash) via an out-of-bounds address.

🔗 References (18)

cve@mitrehttp://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065245.html
cve@mitrehttp://osvdb.org/39546
cve@mitrehttp://osvdb.org/39547
cve@mitrehttp://secunia.com/advisories/26431
cve@mitrehttp://securityreason.com/securityalert/3018
cve@mitrehttp://www.securityfocus.com/archive/1/476954/100/0/threaded
cve@mitrehttp://www.securityfocus.com/bid/25320
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/36007
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/36008
af854a3a-2127-422b-91ae-364da2661108http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065245.html
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/39546
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/39547
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/26431
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/3018
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/476954/100/0/threaded

Is Your Infrastructure Affected by CVE-2007-4375?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2007-4375

📅 Published

🔄 Last Modified

🔗 References (18)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2007-4375?