There is a working exploit for Apple QuickTime on the loose.
From Secunia:
Description:
h07 has discovered a vulnerability in Apple QuickTime, which can be exploited by malicious people to compromise a user’s system.The vulnerability is caused due to a boundary error when processing RTSP replies and can be exploited to cause a stack-based buffer overflow via a specially crafted RTSP reply containing an overly long “Content-Type” header.
Successful exploitation allows execution of arbitrary code and requires that the user is e.g. tricked into opening a malicious QTL file or visiting a malicious web site.
The vulnerability is confirmed in version 7.3. Other versions may also be affected.
NOTE: A working exploit is publicly available.
[tags]Apple QuickTime Exploit, QuickTime Exploit, QuickTime Vulnerability[/tags]
