Nine of the flaws are present in QuickTime and are deemed "highly critical" by vulnerability tracking firm Secunia.
Most of the bugs are buffer overflow or memory corruption issues -- and they can be exploited when a user is tricked into watching a malicious movie file, which leads to a system crash or arbitrary code execution, according to an Apple advisory. Four of the nine QuickTime holes impact Windows Vista and XP machines, while the others affect Mac OS X platforms.
On the iTunes side, one of the bugs relates to a misleading warning screen that says unblocking iTunes Music Sharing doesn't affect firewall security when it actually does, according to another advisory. The other flaw is an integer overflow issue whereby a local user could gain unauthorized system privileges.
Apple advises users to upgrade to QuickTime 7.5.5 and iTunes 8.0.