“LMH” and Kevin Finisterre have begun the Month of Apple Bugs initiative. The initiative kicks off with a description of a flaw that affects QuickTime 7.1.3. “Exploitation of this issue is trivial,” the programmers said. The problem reported affects the current shipping version on both Mac OS X and Microsoft Windows. The only workaround for it is to disable the rtsp:// URL handler, uninstall QuickTime or “live with the feeling of being a potential target for pwnage””]
Source: https://www.csoonline.com/article/2121496/apple-quicktime-exploit-allows-remote-code-execution.html