CVE-2012-3751

Name of the Vulnerable Software and Affected Versions Apple QuickTime versions prior to 7.7.3

Description The issue is related to a use-after-free vulnerability in the plugin, which can be exploited by remote attackers through an HTML document with a crafted qtactivex parameter in an OBJECT element. This can lead to the execution of arbitrary code or cause a denial of service, resulting in an application crash.

Recommendations For versions prior to 7.7.3, update to version 7.7.3 or later to resolve the issue. As a temporary workaround, consider restricting access to HTML documents with crafted OBJECT elements until the update is applied.