exploitDog

CVE-2023-53874

Опубликовано: 15 дек. 2025

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

GOM Player 2.3.90.5360 contains a buffer overflow vulnerability in the equalizer preset name input field that allows attackers to crash the application. Attackers can overwrite the preset name with 260 'A' characters to trigger a buffer overflow and cause application instability.

Ссылки

https://www.exploit-db.com/exploits/51724
Exploit
Third Party Advisory
VDB Entry
https://www.gomlab.com
Product
https://www.vulncheck.com/advisories/gom-player-buffer-overflow-via-equalizer-preset-name
Third Party Advisory
https://www.exploit-db.com/exploits/51724
Exploit
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:gomlab:gom_player:2.3.90.5360:*:*:*:*:*:*:*

EPSS

Процентиль: 11%

0.00038

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-120

Связанные уязвимости

GHSA-c39h-f8c8-g26x

CVSS3: 9.8

github

около 2 месяцев назад

GOM Player 2.3.90.5360 contains a buffer overflow vulnerability in the equalizer preset name input field that allows attackers to crash the application. Attackers can overwrite the preset name with 260 'A' characters to trigger a buffer overflow and cause application instability.

EPSS

Процентиль: 11%

0.00038

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-120