Versions of QuickTime earlier than 7.7 are potentially affected by multiple vulnerabilities :
A buffer overflow in QuickTime’s handling of pict files may lead to an application crash or arbitrary code execution. (CVE-2011-0245)
A buffer overflow in QuickTime’s handling of JPEG2000 files may lead to an application crash or arbitrary code execution. (CVE-2011-0186)
A cross-origin issue in QuickTime plug-in’s handling of cross-site redirects may lead to disclosure of video data from another site. (CVE-2011-0187)
An integer overflow in QuickTime’s handling of RIFF WAV files may lead to an application crash or arbitrary code execution. (CVE-2011-0209)
A memory corruption issue in QuickTime’s handling of sample tables in QuickTime movie files may lead to an application crash or arbitrary code execution. (CVE-2011-0210)
An integer overflow in QuickTime’s handling of audio channels in movie files may lead to an application crash or arbitrary code execution. (CVE-2011-0211)
A buffer overflow in QuickTime’s handling of JPEG files may lead to an application crash or arbitrary code execution. (CVE-2011-0213)
A heap buffer overflow in QuickTime’s handling of GIF files may lead to an application crash or arbitrary code execution. (CVE-2011-0246)
Multiple stack buffer overflows in QuickTime’s handling of H.264 encoded movie files may lead to an application crash or arbitrary code execution. (CVE-2011-0247)
A stack buffer overflow in QuickTime ActiveX’s handling of QTL files may lead to an application crash or arbitrary code execution. (CVE-2011-0248)
A heap buffer overflow in QuickTime’s handling of STSC atoms in QuickTime movie files may lead to an application crash or arbitrary code execution. (CVE-2011-0249)
A heap buffer overflow in QuickTime’s handling of STSS atoms in QuickTime movie files may lead to an application crash or arbitrary code execution. (CVE-2011-0250)
A heap buffer overflow in QuickTime’s handling of STSZ atoms in QuickTime movie files may lead to an application crash or arbitrary code execution. (CVE-2011-0251)
A heap buffer overflow in QuickTime’s handling of STTS atoms in QuickTime movie files may lead to an application crash or arbitrary code execution. (CVE-2011-0252)
Binary data 801184.prm
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0186
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0187
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0209
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0210
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0211
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0213
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0245
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0246
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0247
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0248
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0249
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0250
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0251
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0252
lists.apple.com/archives/security-announce/2011/aug/msg00000.html
support.apple.com/kb/HT4826