The design of QuickTime for Java in Apple Quicktime before 7.2 allows remote attackers to bypass certain security controls and write to process memory via Java applets, possibly leading to arbitrary code execution.
docs.info.apple.com/article.html?artnum=305947
lists.apple.com/archives/Security-announce/2007/Jul/msg00001.html
osvdb.org/36135
secunia.com/advisories/26034
www.securityfocus.com/bid/24873
www.securitytracker.com/id?1018373
www.us-cert.gov/cas/techalerts/TA07-193A.html
www.vupen.com/english/advisories/2007/2510
exchange.xforce.ibmcloud.com/vulnerabilities/35359