- Flash runtime is using Main Concept H.264/AAC as well MP4 demux container format from the same company. There is also fMP4 format with very advanced meta-data. This is pretty much secure software.
- Flash is also using MP3 audio, VP6 video and Nelly Moser audio formats with FLV muxing, this is is somewhat secure as well however I havent tested this one.
- There is also Windows Media ASX/WMV/VC-1/WMA formats used by all Windows Browsers and Windows Media Player OCX
- On linux there is VC-1 player replacement with mplayer
- VLC plugin is one of the easiest, if user has plugin it's easy to crash the browser
- Microsoft H.264 addon is using Windows 7 H264 and MPEG-2 decoder to play DVDs, blue-rays as well HD transport streams
- Shoutcast protocol is also widely used
- Firefox has Theora video and OGG audio, which is open source.
- OSX (MAC/iphone/ipad) has MPEG-2 TS decoder done by Apple and works in Safari browser
- UK freeview Set Top Box is using libcurl / VLC to play the videos
- Smart TVs are using various open source libraries or same as on Sony Playstation (Sony TV)
- Android 4 is using MPEG-2 decoder via browser too
- Silverlight runtime is using Windows Media, H.264 decoder from Microsoft on Windows and Microsoft Phone
There are many other players which can run viruses, some TV's utilize complete scripting which can be injected thru the DVB-T terrestial or DVB-S satellite signal, which is sometimes performed to take out the pirate boxes.
So you see, you can make a living just by hacking video formats. Most of them has serious holes, with the most dodgy one being VLC and the most secure Main Concept.
The show you have seen doesnt need to be true, to actually perform this on main concept itself it's not likely however some formats had bugs previously, but since the adobe player has autoupdate, the problem is much better at the moment than 5 years ago, when the show was shot