Lucene search

[email protected]CVE-2010-3403

HistoryOct 03, 2022 - 4:20 p.m.

CVE-2010-3403

2022-10-0316:20:55

[email protected]

web.nvd.nist.gov

cve-2010-3403

untrusted search path

qualcomm

qxdm

dll hijacking

vulnerability

nvd

7.7 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.003 Low

EPSS

Percentile

68.0%

JSON

Untrusted search path vulnerability in Qualcomm eXtensible Diagnostic Monitor (QXDM) 03.09.19 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse mfc71enu.dll that is located in the same folder as a .isf file.

Affected configurations

NVD

Node

qualcommextensible_diagnostic_monitorMatch03.09.19

CPENameOperatorVersion
qualcomm:extensible_diagnostic_monitorqualcomm extensible diagnostic monitoreq03.09.19

CPE	Name	Operator	Version
qualcomm:extensible_diagnostic_monitor	qualcomm extensible diagnostic monitor	eq	03.09.19

References

osvdb.org/67991

secunia.com/advisories/41309

www.exploit-db.com/dll-hijacking-vulnerable-applications/

7.7 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.003 Low

EPSS

Percentile

68.0%

JSON

Related for CVE-2010-3403

prion1 nvd1 cvelist1