Descriptors leak on MS-Expand and CAB files.
vulners.com/securityvulns/securityvulns:doc:9002
vulners.com/securityvulns/securityvulns:doc:9003