Risk: High
Two vulnerabilities have been found in Apple's QuickTime which, if exploited, can allow malicious people to compromise a user's system.
The vulnerabilities are explained by Secunia:
"A design error in the security restrictions on subclasses of QTObject can be exploited by untrusted Java code to allow subclassing of QuickTime objects that call unsafe functions from QTJava.dll resulting in reading and writing of arbitrary memory. Successful exploitation allows execution of arbitrary code on Windows and OS X systems when a user visits a malicious web site using a Java-enabled browser."
"A design error within the handling of Java applets can be exploited to read the browser's memory when a user visits a malicious website containing a malicious Java applet."