PatchSiren

PatchSiren cyber security CVE debrief

CVE-2017-5881 Gomlab CVE debrief

CVE-2017-5881 describes a memory-corruption issue in GOM Player 2.3.10.5266 triggered by a crafted FPX file. The published description says remote attackers may cause denial of service and possibly other unspecified impact. NVD classifies the issue as CWE-119 and assigns a HIGH severity score.

Vendor: Gomlab
Product: CVE-2017-5881
CVSS: HIGH 7.8
CISA KEV: Not listed in stored evidence
Original CVE published: 2017-02-21
Original CVE updated: 2026-05-13
Advisory published: 2017-02-21
Advisory updated: 2026-05-13

Who should care

Organizations and users running GOM Player 2.3.10.5266, especially desktop environments where users may open untrusted FPX files. Security teams that manage application allowlisting, endpoint hardening, or software inventory should also pay attention.

Technical summary

The vulnerability is mapped to CWE-119 (improper restriction of operations within the bounds of a memory buffer). NVD lists the affected CPE as gomlab gom_player 2.3.10.5266. The CVSS 3.0 vector is AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H: a local attack vector, low attack complexity, no privileges required, user interaction required, unchanged scope, and high impact on confidentiality, integrity and availability. In other words, a user has to open the file, and the scoring assumes significant potential impact once that happens. The public description specifically mentions a crafted FPX file as the trigger.

Defensive priority

High priority for any environment still running GOM Player 2.3.10.5266 or allowing untrusted media files to be opened on affected systems.

Recommended defensive actions

  • Inventory endpoints for GOM Player 2.3.10.5266 and remove or upgrade the affected version if still present.
  • Restrict opening of untrusted FPX files and other externally supplied media content on affected systems.
  • Use application allowlisting or endpoint controls to limit exposure on user workstations.
  • Monitor for vendor advisories or replacement versions associated with GOM Player security fixes.
  • Treat the NVD-listed third-party exploit reference as a signal to prioritize remediation, without relying on it for reproduction details.

Evidence notes

Source corpus states: GOM Player 2.3.10.5266 is affected; crafted FPX files can trigger memory corruption; the published description notes possible denial of service and unspecified other impact. NVD metadata lists CVSS 3.0 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H and CWE-119. Vendor attribution in the corpus uses NVD CPE data with medium confidence.

Official resources

Publicly disclosed in the CVE/NVD record on 2017-02-21; NVD metadata was later modified on 2026-05-13.