Security Explorations does not agree with Apple’s evaluation of a vulnerability they reported. They have decided to release proof of concept code to demonstrate a bypass vulnerability in Apple QuickTime Java extensions.
See the original post here:
Apple QuickTime Security Bypass