CERT Advisory TA04-099A - A cross-domain scripting vulnerability in Microsoft Internet Explorer (IE) could allow an attacker to execute arbitrary code with the privileges of the user running IE. The attacker could also read and manipulate data on web sites in other domains or zones.
45b5d0160e0525654903fd7af4653ab79ae3fdd6b7c8b72ed954e36b0b24feba