Apple has released Security Update 2007-001 to correct a buffer overflow vulnerability in
Apple QuickTime. The flaw is in the way that QuickTime handles
Real Time Streaming Protocol (RTSP) URL strings. By persuading a
user to access a specially crafted QuickTime file, a remote
attacker may be able to execute arbitrary code or cause a denial
of service on a vulnerable system. US-CERT is also aware of
publicly available proof-of-concept code that exploits this
vulnerability.

http://www.us-cert.gov/current/current_activity.html#apup0701