Buffer overflow in ESRI ArcPad 7.0.0.156 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a .amp file with a COORDSYS tag with a long string attribute.
http://www.vupen.com/english/advisories/2006/0032
http://www.securityfocus.com/bid/16136