iDefense Security Advisory 11.05.07 - Remote exploitation of a heap overflow vulnerability in Apple Inc.'s QuickTime media player could allow attackers to execute arbitrary code in the context of the targeted user. iDefense Labs confirmed this vulnerability exists in QuickTime VR extension 7.2.0.240 as included in QuickTime Player 7.2. Previous versions are suspected to be vulnerable.
cc6ea2e8a8e2dbe86dd2fe554b99613956ff2f4d2973039ec6630f452c891c7c