Gom Player Security Vulnerabilities and Issues — Gom Player CVE List

GomlabGom Player

9 matches found

CVE•added 2014/08/12 1:0 a.m.•69 views

CVE-2014-3899

GOM Media Player (Gretech) is affected by CVE-2014-3899. A DoS can be triggered by processing a specially crafted image file, affecting versions up to 2.2.51.5149 and earlier. The root cause is related to image file handling within the player, enabling remote-induced service disruption without ve...

4.3CVSS6.7AI score0.01523EPSS

CVE•added 2017/02/21 7:46 a.m.•64 views

CVE-2017-5881

CVE-2017-5881 affects GOM Player 2.3.10.5266. Multiple sources describe a vulnerability where a crafted ".fpx" file can cause memory corruption leading to a denial of service (and potentially other impacts). Public entries consistently cite memory corruption as the underlying issue and mention a ...

7.8CVSS8AI score0.08157EPSS

CVE•added 2013/09/09 5:0 p.m.•56 views

CVE-2013-5715

CVE-2013-5715 affects Gretech GOM Media Player prior to 2.2.53.5169. The vulnerability is a buffer overflow in the application, with the root cause described as unspecified in the provided documents. The impact, attack vector, and exploitation details are not specified beyond the general buffer o...

10CVSS7.1AI score0.01804EPSS

CVE•added 2013/09/09 5:0 p.m.•54 views

CVE-2013-5716

CVE-2013-5716 affects Gretech GOM Media Player 2.2.53.5169 and earlier. A crafted WAV file can cause a remote DoS (application crash). Public exploits exist; exploitation is remote over the network. Affected vectors are via a WAV payload. Remediation: update to the latest version. If not yet upda...

4.3CVSS6.8AI score0.02154EPSS

CVE•added 2012/09/15 5:0 p.m.•52 views

CVE-2011-5162

GOM Player 2.1.33.5071 is affected by a stack-based buffer overflow in the ASX ref href handling, allowing user‑assisted remote code execution via a crafted ASX file with a long URI. The issue is described as a regression from CVE-2007-0707. Affected component: parsing of the ASX file’s ref href ...

9.3CVSS8.2AI score0.06846EPSS

CVE•added 2014/01/24 3:0 p.m.•52 views

CVE-2013-7184

GOM Media Player (Windows) versions 2.2.56.5158 and earlier are affected by CVE-2013-7184, a memory corruption vulnerability in AVI file handling that can trigger a remote denial of service. The incident is triggered by a crafted AVI file and affects the GOM Player’s ability to process such files...

4.3CVSS6.5AI score0.02303EPSS

CVE•added 2009/05/01 4:0 p.m.•39 views

CVE-2009-1497

CVE-2009-1497 describes a stack-based buffer overflow in srt2smi.exe of Gretech Online Movie Player (GOM Player) 2.1.16.4635. The vulnerability allows remote attackers to crash the application or execute arbitrary code via a long string contained in an SRT subtitle file. The available documents d...

9.3CVSS8.3AI score0.06768EPSS

CVE•added 2025/12/15 8:28 p.m.•15 views

CVE-2023-53875

GOM Player 2.3.90.5360 contains a remote code execution vulnerability in the Internet Explorer component. The issue can be triggered via DNS spoofing with a malicious URL shortcut and WebDAV, enabling an attacker to execute arbitrary code and potentially run a reverse shell with SMB server intera...

8.8CVSS8.2AI score0.00365EPSS

CVE•added 2025/12/15 8:28 p.m.•14 views

CVE-2023-53874

Summary: CVE-2023-53874 affects GOM Player 2.3.90.5360. The issue is a buffer overflow in the equalizer preset name input field, with exploitation described as overwriting the preset name by 260 'A' characters, leading to application instability or a crash. What’s affected: GOM Player version 2.3...

9.8CVSS6.9AI score0.00408EPSS