Buffer overflow in QuickTime Player plugin 4.1.2 (Japanese) allows remote malicious users to execute arbitrary commands via a long HREF parameter in an EMBED tag.
source: wwwsecurityfocuscom/bid/2328/info
Apple Quicktime plugin for Windows is vulnerable to a remote buffer overflow
A maliciously-constructed web link statement in a remote HTML document, which contains excess data argumenting an EMBED tag, could permit execution of hostile code
/*================================================== ...