CVE-2010-3403

Name of the Vulnerable Software and Affected Versions Qualcomm eXtensible Diagnostic Monitor (QXDM) version 03.09.19

Description The issue allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks. This can be achieved via a Trojan horse mfc71enu.dll that is located in the same folder as a .isf file.

Recommendations For Qualcomm eXtensible Diagnostic Monitor (QXDM) version 03.09.19, consider restricting access to the folder where .isf files are located to prevent the placement of malicious mfc71enu.dll files. As a temporary workaround, avoid using .isf files from untrusted sources until a patch is available.