newsbot
25-12-2007, 04:53 PM
VideoLAN (VLC) (http://www.videolan.org) is "one of the most famous and used media players for various reasons: simple to use, open source, multi platform, many features available, continuously updated and more". Two buffer overflow vulnerabilities have been discovered in VideoLAN; these allow attackers to overflow internal buffers in the product via a malicious subtitle file or via the product's web interface.
http://www.securiteam.com/securitynews/6D00N1FKKU.html