Stack-based buffer overflow in INMATRIX Zoom Player before 8.7 beta 11 allows remote attackers to execute arbitrary code via a large biClrUsed value in a BMP file.
https://exchange.xforce.ibmcloud.com/vulnerabilities/84835
http://www.securityfocus.com/bid/60418