The SonicWALL Global VPN Client "provides mobile users with access to mission-critical network resources by establishing secure connections to their office network's IPSec-compliant SonicWALL VPN gateway". SonicWALL Global VPN Client suffers from a format string vulnerability that can be triggered by supplying a specially crafted configuration file. This vulnerability allows an attacker to execute arbitrary code in the context of the vulnerable client. For a successful attack, the attacker would have to entice his victim into importing the special configuration file.

http://www.securiteam.com/windowsntfocus/6L00315KKK.html