16-bit counter overflow leads to ability of code execution on parsing cookie.
vulners.com/securityvulns/securityvulns:doc:16230
vulners.com/securityvulns/securityvulns:doc:16232