CVE-2006-5585
The Client-Server Run-time Subsystem in Microsoft Windows XP SP2 and Server 2003 allows local users to gain privileges via a crafted file manifest within an application, aka "File Manifest Corruption Vulnerability."
Date published : 2006-12-12
http://www.us-cert.gov/cas/techalerts/TA06-346A.html
http://www.securityfocus.com/archive/1/454969/100/200/threaded