[bobdvb]

Decoding the video involves hardware acceleration, so data is not just processed at the application layer, it's passed much deeper. In very specific and rare attacks, it's been possible to bypass application and even OS level protections by crafting media files. So that when they're processed there's an overflow which dumps some payload into unprotected memory and allows some intrusion into the viewers system. This has been done with photos, general images and videos.

It's not reliable unless you happen to know the specific, unpatched exploit on the target system. There aren't general purpose vulnerabilities for such things.