The specific flaw exists within the handling of XML files. When parsing the szFilename attribute of the MulStatus element. This update adds CVE number.
CVE Link
Exploit Platform
Exploit Type
Product Name