Apple released Security Update 2013-003 for Mac OS X 10.8.4 (Mountain Lion), 10.8.4 Server, 10.7.5 (Snow Leopard), 10.7.5 Server, 10.6.8 (Lion) and 10.6.8 Server.
This is the third standalone security update Apple released this year.
The update’s advisory note said there are three QuickTime flaws, specifically buffer overflows when handling Sorenson-encoded movies and H.264 movies, and a buffer underflow when handing “mvhd” atoms.
The problems can lead to application crashes or, in the worst case, allow arbitrary code execution. All three flaws came from researchers working with HP’s Zero Day Initiative.
Updates are available through the Mac OS X built-in Software Update system or a user can download them from Apple’s Support Downloads page. Installing the update will require a reboot of the system.