MRxSmbCscIoctlOpenForCopyChunk buffer overflow. In additions, there are DoS vulnerabilities not covered by MS06-30.
vulners.com/securityvulns/securityvulns:doc:13142
vulners.com/securityvulns/securityvulns:doc:13147
vulners.com/securityvulns/securityvulns:doc:13151
vulners.com/securityvulns/securityvulns:doc:13153
vulners.com/securityvulns/securityvulns:doc:13155
vulners.com/securityvulns/securityvulns:doc:13212