VLC Media Player has a buffer overflow vulnerability in versions 2.0.5 and earlier. The vulnerability is caused due to an error in the “DemuxPacket()” function when processing ASF files. To exploit the vulnerability, a user must explicitly open a specially crafted ASF movie. A patch will be included in the next version of the media player, which is only available for testing purposes at the moment. VideoLAN advises users to refrain from opening files from untrusted locations and disable the VLC browser plug-ins.
Source: https://thehackernews.com/2013/02/buffer-overflow-vulnerability-in-vlc.html