A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must open a malicious file. The specific flaw exists in the parsing of the QuickTime VR 'obji' atom. When the size of the atom is set to 0, a stack overflow condition occurs resulting in the execution of arbitrary code. Version 7.4.1 is affected.
6c3e0c5cb211b92cbd7127c5ea1a1f5b750a2a1f367ad2b61a75ddc0965ca9e2