Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via malformed elements when parsing (1) Poly type (0x0070 through 0x0074) and (2) PackBitsRgn field (0x0099) opcodes in a PICT image.
https://exchange.xforce.ibmcloud.com/vulnerabilities/38281
https://exchange.xforce.ibmcloud.com/vulnerabilities/38280
http://www.zerodayinitiative.com/advisories/ZDI-07-067.html
http://www.zerodayinitiative.com/advisories/ZDI-07-066.html
http://www.vupen.com/english/advisories/2007/3723
http://www.us-cert.gov/cas/techalerts/TA07-310A.html
http://www.securitytracker.com/id?1018894
http://www.securityfocus.com/bid/26345
http://www.securityfocus.com/archive/1/483313/100/0/threaded
http://www.securityfocus.com/archive/1/483311/100/0/threaded
http://www.kb.cert.org/vuls/id/690515
http://securityreason.com/securityalert/3351
http://secunia.com/advisories/27523
http://lists.apple.com/archives/Security-announce/2007/Nov/msg00000.html