本頁列出影響 gomlab gom_player 的已公開 CVE 漏洞(透過 NVD CPE 關聯)。每列包含嚴重程度評分、摘要與發布日期,便於識別與分析安全議題。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2023-53875 | GOM Player 2.3.90.5360 contains a remote code execution vulnerability in its Internet Explorer component that allows attackers to execute arbitrary code through DNS spoofing. Attackers can redirect victims using a malicious URL shortcut and WebDAV technique to run a reverse shell with SMB server interaction. | [email protected] | 7.5 | 0.36% | 2025-12-15 | 2026-06-17 |
| CVE-2023-53874 | GOM Player 2.3.90.5360 contains a buffer overflow vulnerability in the equalizer preset name input field that allows attackers to crash the application. Attackers can overwrite the preset name with 260 'A' characters to trigger a buffer overflow and cause application instability. | [email protected] | 6.7 | 0.41% | 2025-12-15 | 2026-06-17 |
| CVE-2017-5881 | GOM Player 2.3.10.5266 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted fpx file. | [email protected] | 7.8 | 8.16% | 2017-02-21 | 2026-06-16 |
| CVE-2014-3899 | Gretech GOM Player 2.2.51.5149 and earlier allows remote attackers to cause a denial of service (launch outage) via a crafted image file. | [email protected] | 4.3 | 1.52% | 2014-08-12 | 2026-06-16 |
| CVE-2013-7184 | Gretech GOM Media Player 2.2.56.5158 and earlier allows remote attackers to cause a denial of service (memory corruption) via a crafted AVI file. | [email protected] | 4.3 | 2.30% | 2014-01-24 | 2026-06-16 |
| CVE-2013-5716 | Gretech GOM Media Player 2.2.53.5169 and possibly earlier allows remote attackers to cause a denial of service (application crash) via a crafted WAV file. | [email protected] | 4.3 | 2.15% | 2013-09-09 | 2026-06-16 |
| CVE-2013-5715 | Buffer overflow in Gretech GOM Media Player before 2.2.53.5169 has unspecified impact and attack vectors. | [email protected] | 10.0 | 1.80% | 2013-09-09 | 2026-06-16 |
| CVE-2011-5162 | Stack-based buffer overflow in GOM Player 2.1.33.5071 allows user-assisted remote attackers to execute arbitrary code via a .ASX file with a long URI in the "ref href" tag. NOTE: this issue exists because of a CVE-2007-0707 regression. | [email protected] | 9.3 | 6.85% | 2012-09-15 | 2026-06-16 |
| CVE-2009-1497 | Stack-based buffer overflow in srt2smi.exe in Gretech Online Movie Player (GOM Player) 2.1.16.4635 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long string in an SRT file. | [email protected] | 9.3 | 6.77% | 2009-05-01 | 2026-06-16 |