Apple Security Advisory 2011-10-12-3 - OS X Lion has a security update available that addresses findings in Apache, a format string vulnerability in the Application Firewall, an arbitrary code execution vulnerability when viewing a malicious font via ATS, and 60+ other issues.
4d539896720bca2e48b218929a6c10484c83d72ac4b634adbd7f33f680f59ede
Zero Day Initiative Advisory 11-259 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way QuickTime handles corrupt Sample Size atoms. When the value for 'Number of Entries' in this atom differs from the 'Number of Entries' in the Time-To-Sample atom, QuickTime will fill the Atom Sample Table with uninitialized data read from memory. This can later on result in a heap overflow when the data is used to calculate a loop counter to fill a heap buffer.
4042c59dc976e1482717baaf40d66c37a84d10130895354cee891e7e9212fb8e
Apple Security Advisory 2011-08-03-1 - QuickTime version 7.7 has been made available to address multiple code execution, cross-origin, integer overflow, memory corruption, and other vulnerabilities.
08c8a33c814803db93ff4136d87bacc64dfe68c5d11475ce6a6bccf0835835c9