QuickTime 7.4.1 is available for: Mac OS X v10.3.9, Mac OS X v10.4.9 or later, Mac OS X v10.5 or later[/url], and Windows Vista, XP SP2.
Impact: Visiting a malicious website may lead to an unexpected application termination or arbitrary code execution
Description: A heap buffer overflow exists in QuickTime's handling of HTTP responses when RTSP tunneling is enabled. By enticing a user to visit a maliciously crafted webpage, an attacker may cause an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking.