EUVD-2006-4951

Malware in sbrugna...

CVE-2007-5045

Argument injection vulnerability in Apple QuickTime 7.1.5 and earlier, when running on systems with Mozilla Firefox before 2.0.0.7 installed, allows remote attackers to execute arbitrary commands via a QuickTime Media Link QTL file with an embed XML element and a qtnext parameter containing the...

Code execution via QuickTime Media-link files — Mozilla

On his blog Petko D. Petkov reported that QuickTime Media-Link files contain a qtnext attribute that could be used on Windows systems to launch the default browser with arbitrary command-line options. When the default browser is Firefox 2.0.0.6 or earlier use of the -chrome option allowed a remot...

[SA22048] Apple QuickTime Plug-In Local Resource Linking Weakness

TITLE: Apple QuickTime Plug-In Local Resource Linking Weakness SECUNIA ADVISORY ID: SA22048 VERIFY ADVISORY: http://secunia.com/advisories/22048/ CRITICAL: Not critical IMPACT: Security Bypass WHERE: From remote SOFTWARE: Apple QuickTime 7.x http://secunia.com/product/5090/ DESCRIPTION: pdp has...

Apple QuickTime Plug-In Arbitrary Script Execution Weakness

Description Apple QuickTime plug-in is prone to an arbitrary-script-execution weakness when executing QuickTime Media Link files .qtl. An attacker can exploit this issue to execute arbitrary script code in the context of the affected application and load local content in a user's browser. Althoug...