Cygwin is "a Linux-like environment for Windows which consists in a dll binary (cygwin1.dll) whichs emulates Linux api, and a set of tools which provide Linux look and feel". A vulnerability in Cygwin's filename length checking mechanism allows local attackers to overflow an internal buffer and cause the execution of arbitrary code.

http://www.securiteam.com/windowsntf...C0031FKKQ.html