This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exist in the parsing of the PackBitsRgn field (Opcode 0x0099). Due to improper handling of a malformed element in the structure, heap corruption occurs. If properly constructed this can lead to code execution running under the credentials of the user.