Privilege escalation during parsing files with COM structure (e.g. MS Office), buffer overflow on OLE objects, including MS Exchange MS-TNEF data format.
vulners.com/securityvulns/securityvulns:doc:7772