There’s a “Highly Critical” vulnerability that exists in the Apple QuickTime handling of rtsp:// URLs which was reported by NIST (National Institute of Standards and Technology).
The bug was discovered by LMH, a MOAB organizer who hasn’t disclosed his name.
So if you use Quicktime for your rich media content you should be aware of the vulnerability that exists in the software.
NIST stated that the only way to prevent the vulnerability is to disable the rtsp:// URL handler or uninstall QuickTime all together. So if you’re one of those avid movie watchers or MySpace fans you should be warned that you should uninstall the program you could be attacked by malicious code on web pages and could take over a system.
There is no patch available at this time.