[evilfantasy]

Apple QuickTime bitten by code execution flaws - ZDNet.com

Quote:

Apple today released QuickTime 7.6 to fix at least seven serious security flaws that expose Mac OS X and Windows users to remote code execution attacks.

he latest upgrade, available for Mac OS X v10.4.9 - v10.4.11, Mac OS X v10.5 or later, Windows Vista and Windows XP SP2 and SP3, covers vulnerabilities that could be exploited via malicious URLs or booby-trapped movie or audio files.