* A memory corruption bug which can be triggered by a maliciously crafted movie. It could potentially result in arbitrary code execution (CVE-2007-2395)
* A heap overflow in the use of Sample Table Sample Descriptor atoms, which can be triggered through maliciously crafted movie files. It could potentially result in arbitrary code execution (CVE-2007-3750).
* Vulnerabilities in Quicktime for Java which could allow untrusted applets to obtain elevated privileges (CVE-2007-3751).
* Two bugs in PICT file processing, potentially resulting in arbitrary code execution (CVE-2007-4672).
* A bug in QTVR movie file parsing which could result in arbitrary code execution (CVE-2007-4675).
* A bug in the parsing of color table atoms which could result in arbitrary code execution (CVE-2007-4677).
Stumble It!
Seed Newsvine
