QuickTime is a media player for Windows and Mac OS platforms.
Apple QuickTime is vulnerable to a stack buffer overflow in
**QuickTimeStreaming.qtx** when processing specially crafted
**SMIL** files. The crafted SMIL files contain an invalid and over-long URL, which prompts QuickTime to write the URL to the error log using a buffer that is too small.
Upgrade to a QuickTime version newer than QuickTime 7.6.6 (1671) when it becomes available.
Exploit works on Apple QuickTime 7.6.6. ** It may take longer than usual to establish a shell session because of heap spraying.