A flaw in the implementation of Microsoft's Troubleshooter technology could lead to remote code execution if a crafted .diagcab file is opened by the victim. The exploit leverages a rogue webdav server to trick MSDT to drop files to attacker controller locations on the file system.
cbe54b81542a05ea1e6eca61a96e5a5cf9a912e2b9399db4856ff9dcd2335482