CVE-2007-5779

EXPLOITED

GOM Player 2.1.6.3499 - Buffer Overflow via GomWeb Control OpenUrl Method

Title source: llm
STIX 2.1

Exploitation Summary

CVE-2007-5779 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 3 public exploits from researchers including Metasploit, rgod, MC, including a Metasploit module exploits/windows/browser/gom_openurl.

AI-analyzed exploit summary This Metasploit module exploits a stack buffer overflow in GOM Player 2.1.6.3499 via the OpenUrl() method in GomWeb3.dll. It delivers a payload through a malicious HTML page with an embedded ActiveX control.

Description

Buffer overflow in the GomManager (GomWeb Control) ActiveX control in GomWeb3.dll 1.0.0.12 in Gretech Online Movie Player (GOM Player) 2.1.6.3499 allows remote attackers to execute arbitrary code via a long argument to the OpenUrl method.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/16572

This Metasploit module exploits a stack buffer overflow in GOM Player 2.1.6.3499 via the OpenUrl() method in GomWeb3.dll. It delivers a payload through a malicious HTML page with an embedded ActiveX control.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: GOM Player 2.1.6.3499
No auth needed
Prerequisites: Target must have GOM Player 2.1.6.3499 installed · Target must visit a malicious web page
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by rgod · htmlremotewindows
https://www.exploit-db.com/exploits/4579

This exploit targets a buffer overflow in GOM Player 2.1.6.3499 via the GomWeb Control (GomWeb3.dll 1.0.0.12) by passing more than 506 'A' characters to the OpenUrl method, leading to arbitrary code execution. The PoC includes shellcode to launch calc.exe.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: GOM Player 2.1.6.3499 (GomWeb3.dll 1.0.0.12)
No auth needed
Prerequisites: Victim must open the malicious HTML file in Internet Explorer 6 on Windows XP SP2
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC NORMAL
by MC · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/gom_openurl.rb

This Metasploit module exploits a stack buffer overflow in GOM Player 2.1.6.3499 via the OpenUrl() method in GomWeb3.dll. It delivers a payload through a malicious HTML page, triggering arbitrary code execution on vulnerable systems.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: GOM Player 2.1.6.3499
No auth needed
Prerequisites: Vulnerable GOM Player installation · Victim must visit a malicious web page
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (6)

Core 6
Core References
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/27418
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/4579
Various Sources x_refsource_misc
http://www.gomplayer.com/forum/viewtopic.html?t=1013
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/38159
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/26236
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/3634

Scores

EPSS 0.8183
EPSS Percentile 99.2%

Details

VulnCheck KEV 2008-03-03
CWE
CWE-119
Status published
Products (1)
gom_player/gom_player 2.1.6.3499
Published Nov 01, 2007
Tracked Since Feb 18, 2026