NULL pointer is possible on executable file parsing. In case patches against this vulnerability are installed there is a new vulnerability with kernel mode buffer overflow.
vulners.com/securityvulns/securityvulns:doc:5357
vulners.com/securityvulns/securityvulns:doc:5424