Description
Ruben Santamarta has discovered a vulnerability in Apple QuickTime, which can be exploited by malicious people to compromise a user's system.The vulnerability is caused due to the QuickTime ActiveX control (QTPlugin.ocx) using a value passed in the "_Marshaled_pUnk" parameter as a pointer.
Successful exploitation allows execution of arbitrary code.
The vulnerability is confirmed in version 7.6.7 (1675). Other versions may also be affected.
Solution
Set the kill-bit for the affected ActiveX control.
でじゃぶ?
http://d.hatena.ne.jp/noushibou/20080413/1208074668
じつは2008年にKillBit設定したままで解除していなかったりします。(^^ゞ
QuickTimeに関しては他に
Secunia Advisory SA41123 QuickTime PictureViewer Insecure Library Loading Vulnerability
もあり。