Gomlab
Products
3- 7 CVEs
- 3 CVEs
- 1 CVE
Recent CVEs
11| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-5881 | Hig | 0.54 | 7.8 | 0.02 | Feb 21, 2017 | GOM Player 2.3.10.5266 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted fpx file. | |
| CVE-2011-5162 | 0.06 | — | 0.36 | Sep 15, 2012 | Stack-based buffer overflow in GOM Player 2.1.33.5071 allows user-assisted remote attackers to execute arbitrary code via a .ASX file with a long URI in the "ref href" tag. NOTE: this issue exists because of a CVE-2007-0707 regression. | ||
| CVE-2009-1022 | 0.06 | — | 0.34 | Mar 20, 2009 | Heap-based buffer overflow in the Preview/ Set Segment function in Gretech GOMlab GOM Encoder 1.0.0.11 and earlier allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a long text field in a subtitle (.srt) file. | ||
| CVE-2009-1497 | 0.05 | — | 0.26 | May 1, 2009 | Stack-based buffer overflow in srt2smi.exe in Gretech Online Movie Player (GOM Player) 2.1.16.4635 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long string in an SRT file. | ||
| CVE-2014-3216 | 0.04 | — | 0.07 | Jun 10, 2014 | GOM Media Player 2.2.57.5189 and earlier allows remote attackers to cause a denial of service (crash) via a crafted .ogg file. | ||
| CVE-2013-7184 | 0.04 | — | 0.12 | Jan 24, 2014 | Gretech GOM Media Player 2.2.56.5158 and earlier allows remote attackers to cause a denial of service (memory corruption) via a crafted AVI file. | ||
| CVE-2013-5716 | 0.04 | — | 0.09 | Sep 9, 2013 | Gretech GOM Media Player 2.2.53.5169 and possibly earlier allows remote attackers to cause a denial of service (application crash) via a crafted WAV file. | ||
| CVE-2012-1774 | 0.03 | — | 0.05 | Mar 18, 2012 | Unspecified vulnerability in the Open URL feature in Gretech GOM Media Player before 2.1.39.5101 has unknown impact and attack vectors, a different vulnerability than CVE-2007-5779 and CVE-2012-1264. | ||
| CVE-2014-3899 | 0.00 | — | 0.01 | Aug 12, 2014 | Gretech GOM Player 2.2.51.5149 and earlier allows remote attackers to cause a denial of service (launch outage) via a crafted image file. | ||
| CVE-2013-5715 | 0.00 | — | 0.00 | Sep 9, 2013 | Buffer overflow in Gretech GOM Media Player before 2.2.53.5169 has unspecified impact and attack vectors. | ||
| CVE-2012-1264 | 0.00 | — | 0.02 | Mar 18, 2012 | Unspecified vulnerability in Gretech GOM Media Player before 2.1.37.5091 allows remote attackers to execute arbitrary code via a crafted AVI file. |
- risk 0.54cvss 7.8epss 0.02
GOM Player 2.3.10.5266 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted fpx file.
- CVE-2011-5162Sep 15, 2012risk 0.06cvss —epss 0.36
Stack-based buffer overflow in GOM Player 2.1.33.5071 allows user-assisted remote attackers to execute arbitrary code via a .ASX file with a long URI in the "ref href" tag. NOTE: this issue exists because of a CVE-2007-0707 regression.
- CVE-2009-1022Mar 20, 2009risk 0.06cvss —epss 0.34
Heap-based buffer overflow in the Preview/ Set Segment function in Gretech GOMlab GOM Encoder 1.0.0.11 and earlier allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a long text field in a subtitle (.srt) file.
- CVE-2009-1497May 1, 2009risk 0.05cvss —epss 0.26
Stack-based buffer overflow in srt2smi.exe in Gretech Online Movie Player (GOM Player) 2.1.16.4635 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long string in an SRT file.
- CVE-2014-3216Jun 10, 2014risk 0.04cvss —epss 0.07
GOM Media Player 2.2.57.5189 and earlier allows remote attackers to cause a denial of service (crash) via a crafted .ogg file.
- CVE-2013-7184Jan 24, 2014risk 0.04cvss —epss 0.12
Gretech GOM Media Player 2.2.56.5158 and earlier allows remote attackers to cause a denial of service (memory corruption) via a crafted AVI file.
- CVE-2013-5716Sep 9, 2013risk 0.04cvss —epss 0.09
Gretech GOM Media Player 2.2.53.5169 and possibly earlier allows remote attackers to cause a denial of service (application crash) via a crafted WAV file.
- CVE-2012-1774Mar 18, 2012risk 0.03cvss —epss 0.05
Unspecified vulnerability in the Open URL feature in Gretech GOM Media Player before 2.1.39.5101 has unknown impact and attack vectors, a different vulnerability than CVE-2007-5779 and CVE-2012-1264.
- CVE-2014-3899Aug 12, 2014risk 0.00cvss —epss 0.01
Gretech GOM Player 2.2.51.5149 and earlier allows remote attackers to cause a denial of service (launch outage) via a crafted image file.
- CVE-2013-5715Sep 9, 2013risk 0.00cvss —epss 0.00
Buffer overflow in Gretech GOM Media Player before 2.2.53.5169 has unspecified impact and attack vectors.
- CVE-2012-1264Mar 18, 2012risk 0.00cvss —epss 0.02
Unspecified vulnerability in Gretech GOM Media Player before 2.1.37.5091 allows remote attackers to execute arbitrary code via a crafted AVI file.