Apple QuickTime is a media player for Windows and Mac OS platforms.
The QuickTime player browser plugin does not properly validate the language field in QT Movie files. If a malicious QT Movie file were opened via a browser, this could trigger a stack overflow and give an attacker the ability to execute arbitrary code on the target's system.
Upgrade to Apple QuickTime Player 7.7.2 or higher.
This exploit has been tested against Apple QuickTime 7.7.1 on Windows XP SP3 English (DEP OptIn). The HTML page must be opened using Internet Explorer 8 on the target.