GomlabCVEs & Vulnerabilities

11 CVEs affecting Gomlab products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.

Most Affected Products

gom player 62gom media player 3gom encoder 1
CVE-2017-5881HIGHpoc

GOM Player 2.3.10.5266 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted fpx file.

21 Feb 2017
7.8
CVSS
CVE-2014-3899MEDIUM

Gretech GOM Player 2.2.51.5149 and earlier allows remote attackers to cause a denial of service (launch outage) via a crafted image file.

12 Aug 2014
4.3
CVSS
CVE-2014-3216MEDIUMpoc

GOM Media Player 2.2.57.5189 and earlier allows remote attackers to cause a denial of service (crash) via a crafted .ogg file.

10 Jun 2014
4.3
CVSS
CVE-2013-7184MEDIUMpoc

Gretech GOM Media Player 2.2.56.5158 and earlier allows remote attackers to cause a denial of service (memory corruption) via a crafted AVI file.

24 Jan 2014
4.3
CVSS
CVE-2013-5716MEDIUMpoc

Gretech GOM Media Player 2.2.53.5169 and possibly earlier allows remote attackers to cause a denial of service (application crash) via a crafted WAV file.

9 Sep 2013
4.3
CVSS
CVE-2013-5715CRITICAL

Buffer overflow in Gretech GOM Media Player before 2.2.53.5169 has unspecified impact and attack vectors.

9 Sep 2013
10.0
CVSS
CVE-2011-5162CRITICALpoc

Stack-based buffer overflow in GOM Player 2.1.33.5071 allows user-assisted remote attackers to execute arbitrary code via a .ASX file with a long URI in the "ref href" tag. NOTE: this issue exists because of a CVE-2007-0707 regression.

15 Sep 2012
9.3
CVSS
CVE-2012-1774CRITICALpoc

Unspecified vulnerability in the Open URL feature in Gretech GOM Media Player before 2.1.39.5101 has unknown impact and attack vectors, a different vulnerability than CVE-2007-5779 and CVE-2012-1264.

18 Mar 2012
10.0
CVSS
CVE-2012-1264CRITICAL

Unspecified vulnerability in Gretech GOM Media Player before 2.1.37.5091 allows remote attackers to execute arbitrary code via a crafted AVI file.

18 Mar 2012
9.3
CVSS
CVE-2009-1497CRITICALpoc

Stack-based buffer overflow in srt2smi.exe in Gretech Online Movie Player (GOM Player) 2.1.16.4635 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long string in an SRT file.

1 May 2009
9.3
CVSS
CVE-2009-1022CRITICALpoc

Heap-based buffer overflow in the Preview/ Set Segment function in Gretech GOMlab GOM Encoder 1.0.0.11 and earlier allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a long text field in a subtitle (.srt) file.

20 Mar 2009
9.3
CVSS
← PrevPage 1 / 1Next →