CVE-2011-3248
Integer signedness error in Apple QuickTime before 7.7.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted font table in a QuickTime movie file.
Date published : 2011-10-27
http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html