Pages - Menu

Tuesday, December 23, 2014

Gom Player Read Access Violation Vulnerability

Title : Gom Player 2.2.64.5211 Read Access Violation on Control
Discoverer: Cihat YILDIZ (@cihatix)
Web page : www.binarysniper.net 
Test: Windows XP SP3
Status: Not Fixed
Severity : High

OSVDB ID: 116462

Discovered: 24 December 2014
Reported: 24 December 2014
Published: 24 December 2014

Description : GOM Media Player contains a flaw that is triggered as user-supplied input is not properly sanitized when handling a specially crafted TIFF file. This may allow a context-dependent attacker to corrupt memory and cause a denial of service or potentially execute arbitrary code.