Microsoft Windows Mail and Outlook Express are "the default mail and news clients for Windows operating systems". Remote exploitation of a heap overflow in Microsoft Corp.'s Windows Mail and Outlook Express NNTP clients may allow an attacker to execute code with the privileges of the logged on user.

http://www.securiteam.com/windowsntfocus/6T00B00K0A.html