本ページは gomlab gom_player に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2023-53875 | GOM Player 2.3.90.5360 contains a remote code execution vulnerability in its Internet Explorer component that allows attackers to execute arbitrary code through DNS spoofing. Attackers can redirect victims using a malicious URL shortcut and WebDAV technique to run a reverse shell with SMB server interaction. | [email protected] | 7.5 | 0.29% | 2025-12-15 | 2025-12-18 |
| CVE-2023-53874 | GOM Player 2.3.90.5360 contains a buffer overflow vulnerability in the equalizer preset name input field that allows attackers to crash the application. Attackers can overwrite the preset name with 260 'A' characters to trigger a buffer overflow and cause application instability. | [email protected] | 6.7 | 0.06% | 2025-12-15 | 2025-12-18 |
| CVE-2017-5881 | GOM Player 2.3.10.5266 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted fpx file. | [email protected] | 7.8 | 2.19% | 2017-02-21 | 2026-05-13 |
| CVE-2014-3899 | Gretech GOM Player 2.2.51.5149 and earlier allows remote attackers to cause a denial of service (launch outage) via a crafted image file. | [email protected] | 4.3 | 0.68% | 2014-08-12 | 2026-05-06 |
| CVE-2013-7184 | Gretech GOM Media Player 2.2.56.5158 and earlier allows remote attackers to cause a denial of service (memory corruption) via a crafted AVI file. | [email protected] | 4.3 | 12.25% | 2014-01-24 | 2026-04-29 |
| CVE-2013-5716 | Gretech GOM Media Player 2.2.53.5169 and possibly earlier allows remote attackers to cause a denial of service (application crash) via a crafted WAV file. | [email protected] | 4.3 | 14.62% | 2013-09-09 | 2026-04-29 |
| CVE-2013-5715 | Buffer overflow in Gretech GOM Media Player before 2.2.53.5169 has unspecified impact and attack vectors. | [email protected] | 10.0 | 0.35% | 2013-09-09 | 2026-04-29 |
| CVE-2011-5162 | Stack-based buffer overflow in GOM Player 2.1.33.5071 allows user-assisted remote attackers to execute arbitrary code via a .ASX file with a long URI in the "ref href" tag. NOTE: this issue exists because of a CVE-2007-0707 regression. | [email protected] | 9.3 | 50.78% | 2012-09-15 | 2026-04-29 |
| CVE-2009-1497 | Stack-based buffer overflow in srt2smi.exe in Gretech Online Movie Player (GOM Player) 2.1.16.4635 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long string in an SRT file. | [email protected] | 9.3 | 25.91% | 2009-05-01 | 2026-04-23 |