Description

GOM Player 2.3.90.5360 contains a buffer overflow vulnerability in the equalizer preset name input field that allows attackers to crash the application. Attackers can overwrite the preset name with 260 'A' characters to trigger a buffer overflow and cause application instability.

PUBLISHED Reserved 2025-12-13 | Published 2025-12-15 | Updated 2025-12-15 | Assigner VulnCheck




MEDIUM: 6.7 | CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Problem types

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Product status

2.3.90.5360: affected

Credits

Ahmet Ümit BAYRAM (finder)

References

www.exploit-db.com/exploits/51724 (ExploitDB-51724) exploit

www.gomlab.com (GOM Lab Vendor Webpage) technical-description

www.vulncheck.com/...ffer-overflow-via-equalizer-preset-name (VulnCheck Advisory: GOM Player 2.3.90.5360 Buffer Overflow via Equalizer Preset Name) third-party-advisory

cve.org (CVE-2023-53874)

nvd.nist.gov (CVE-2023-53874)

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.