vendor:
GOM Player
by:
ariarat
7.5
CVSS
HIGH
Memory Corruption
CWE
Product Name: GOM Player
Affected Version From: 2.2.56.5158
Affected Version To: Unknown
Patch Exists: NO
Related CWE: CVE-2013-7184
CPE: a:gomlab:gom_player:2.2.56.5158
Platforms Tested: Windows 7 32-bit
2013
GOM Player Version 2.2.56.5158 .avi File Handling Memory Corruption Vulnerability
This exploit allows remote attackers to execute arbitrary code via a crafted .avi file in GOM Player. The vulnerability occurs when the player fails to properly handle certain inputs, leading to memory corruption.
Mitigation:
Update GOM Player to the latest version. Do not open .avi files from untrusted sources.
