조지아에 살고 있는 19살 Ucha Gobejishvili 군(?)이 곰 플레이어 대한 오버플로우 취약점을 발견하였다. 간단한 동영상을 유튜브를 통해 올려놓았는데.. 코드는 공개하지 않고는 있지만 그레텍에서 이 사실을 알고 조속히 보안 패치를 취해 주었으면 하는 바이다.




Introduction:
=============
GOM Player (Gretech Online Movie Player) is a 32/64-bit media player for Microsoft Windows, distributed by the Gretech Corporation of South Korea.
It is the primary client player for South Korean GOM-TV, and is more popular in South Korea than any other media player. Key strengths inherited from libavcodec include wide ranging ability to play media files, including .flv - without needing to obtain an external codec, and the ability to play some broken media files. Both of those features are present in other projects using libavcodec like VLC and MPlayer, but are absent from some other media software, including Windows Media Player.
Abstract:
=========
.....

[출처 및 링크] secday.blogspot.in

Posted by bitfox
l