Offensive Security has received a posting to their Exploit Database from Dr_IDE that takes advantage of a memory corruption in the QuickTime Library used for a host of Mac OSX applications. This does include QuickLook which will cause a crash to be generated if the file is loaded in Icon view in finder. The proof of concept may be altered to allow an attacker the capability to execute code or produce an Application Crash, it is also possible to use this vulnerability in a remote attack if the attacker is sophisticated. (The URL can be altered very easily in a HEX editor.) The malformed file with codec header can be viewed in FIG. 1.
Fig 1
At this stage it appears to crash the application, the malformed file is not detected by Mac anti-virus software. Users current defense is to only open and view files from a trusted source and update to the latest version of QuickTime. Remember if you have any doubts about the source then there is no reason to open or load the file on your systems. Additional use of a far more robust firewall which filters incoming and outgoing traffic should also be used locally on the Mac. (ipfw is a great start) These types of files can also be prevented at a proxy or advanced firewall system which can be purchased from from vendors such as WatchGuard or Cisco. Various configuration can drop files that have more the three "characters" together which are very common in POC that are rarely altered by unsophisticated attackers.
It is to be expected that as the popularity of the platform grows so does the interest by crackers. To employ an exploit such as this little tactical effort is needed. However strict defensive measures can mitigate an attack vector such as this.