Heap-based buffer overflow in INMATRIX Zoom Player before 8.7 beta 11 allows remote attackers to execute arbitrary code via a large biClrUsed value in a BMP file.
https://exchange.xforce.ibmcloud.com/vulnerabilities/84836
http://www.securityfocus.com/bid/60420
http://secunia.com/secunia_research/2013-05