This proof of concept code demonstrates a Microsoft Windows XP keyboard layouts pool corruption vulnerability, post MS12-034. The vulnerability exists in the function win32k!ReadLayoutFile() that parses keyboard layout file data.
54effee805a222747d3e4ec5807005657d3668ba3d5cbbdb7f184fa0ed2f64c3