Zero Day Initiative Advisory 11-312 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application parses the atom hierarchy within a QuickTime movie file. In a certain situation the application will pass execution to another function for handling the atom, however, will pass the incorrect number of arguments. Due to this, a variable will be treated as a pointer. This can lead to code execution under the context of the application.
cb365aed44c81961888502d4e300903ac4ba55d40337e597ccdb589e14a421f0