A couple of interesting vulnerabilities covered in todays release, first one is for Microsoft Windows:
Microsoft Windows GDI Buffer Overflow:
A programming error in the Microsoft Windows kernel may allow a remote attacker to execute code with system level privileges. This may be exploited when specially crafted EMF files are viewed using Microsoft Internet Explorer.
Second one concerns Mozilla Firefox:
Mozilla Firefox XSL Buffer Overflow:
A programming error in Mozilla Firefox may allow a remote attacker to execute code on a victim machine. The error is exposed when the application attempts to process an XML file that has a specially crafted XSLT transform.
As always, details are available here: