The US Computer Emergency Readiness Team released a RTSP Content-Type header stack buffer overflow vulnerability affecting QuickTime 7.3, and indirectly iTunes 7.5, running on Windows:
Overview
Apple QuickTime contains a stack buffer overflow vulnerability that may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service condition.
Description
Real Time Streaming Protocol (RTSP) is a protocol that is used by streaming media systems. The Apple QuickTime Streaming Server and QuickTime player both support for RTSP.
Apple QuickTime contains a stack buffer overflow vulnerability in the way QuickTime handles the RTSP Content-Type header. This vulnerability may be exploited by convincing a user to connect to a specially crafted RTSP stream. Note that QuickTime is a component of Apple iTunes, therefore iTunes installations are also affected by this v
