The MP4 demuxer (mp4.c) for VLC media player 0.8.6d and earlier, as used in Miro Player 1.1 and earlier, allows remote attackers to overwrite arbitrary memory and execute arbitrary code via a malformed MP4 file.
http://www.vupen.com/english/advisories/2008/0682
http://www.videolan.org/security/sa0802.html
http://www.securitytracker.com/id?1019510
http://www.securityfocus.com/bid/28007
http://www.securityfocus.com/archive/1/488841/100/0/threaded
http://www.gentoo.org/security/en/glsa/glsa-200803-13.xml
http://www.debian.org/security/2008/dsa-1543
http://www.coresecurity.com/?action=item&id=2147
http://secunia.com/advisories/29766
http://secunia.com/advisories/29284
http://secunia.com/advisories/29153
http://secunia.com/advisories/29122
http://lists.grok.org.uk/pipermail/full-disclosure/2008-February/060481.html