Memory corruptions, crossite scripting, grame spoofing, RSA signature forgery, Auto update man-int-the-middle attacks. XBL javascript execution with e-mail.
vulners.com/securityvulns/securityvulns:doc:14287