Shodan
Vulnerabilities
Vulnerable Software
Gomlab:  >> Gom Player  Security Vulnerabilities
CVE-2023-53875
GOM Player 2.3.90.5360 contains a remote code execution vulnerability in its Internet Explorer component that allows attackers to execute arbitrary code through DNS spoofing. Attackers can redirect victims using a malicious URL shortcut and WebDAV technique to run a reverse shell with SMB server interaction.
CVSS Score
7.5
EPSS Score
0.004
Published
2025-12-15
CVE-2023-53874
GOM Player 2.3.90.5360 contains a buffer overflow vulnerability in the equalizer preset name input field that allows attackers to crash the application. Attackers can overwrite the preset name with 260 'A' characters to trigger a buffer overflow and cause application instability.
CVSS Score
6.7
EPSS Score
0.004
Published
2025-12-15
CVE-2017-5881
GOM Player 2.3.10.5266 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted fpx file.
CVSS Score
7.8
EPSS Score
0.082
Published
2017-02-21
CVE-2014-3899
Gretech GOM Player 2.2.51.5149 and earlier allows remote attackers to cause a denial of service (launch outage) via a crafted image file.
CVSS Score
4.3
EPSS Score
0.015
Published
2014-08-12
CVE-2013-7184
Gretech GOM Media Player 2.2.56.5158 and earlier allows remote attackers to cause a denial of service (memory corruption) via a crafted AVI file.
CVSS Score
4.3
EPSS Score
0.023
Published
2014-01-24
CVE-2013-5715
Buffer overflow in Gretech GOM Media Player before 2.2.53.5169 has unspecified impact and attack vectors.
CVSS Score
10.0
EPSS Score
0.018
Published
2013-09-09
CVE-2013-5716
Gretech GOM Media Player 2.2.53.5169 and possibly earlier allows remote attackers to cause a denial of service (application crash) via a crafted WAV file.
CVSS Score
4.3
EPSS Score
0.022
Published
2013-09-09
CVE-2011-5162
Stack-based buffer overflow in GOM Player 2.1.33.5071 allows user-assisted remote attackers to execute arbitrary code via a .ASX file with a long URI in the "ref href" tag. NOTE: this issue exists because of a CVE-2007-0707 regression.
CVSS Score
9.3
EPSS Score
0.068
Published
2012-09-15
CVE-2009-1497
Stack-based buffer overflow in srt2smi.exe in Gretech Online Movie Player (GOM Player) 2.1.16.4635 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long string in an SRT file.
CVSS Score
9.3
EPSS Score
0.068
Published
2009-05-01


Products
Pricing
Contact Us

Shodan ® - All rights reserved