http://www.us-cert.gov/cas/techalerts/TA04-099A.
A cross-domain scripting vulnerability in Microsoft Internet Explorer (IE) could allow an attacker to execute arbitrary code with the privileges of the user running IE. The attacker could also read and manipulate data on web sites in other domains or zones.
There’s a demo here: http://ip3e83566f.speed.planet.nl/security/newone/exploit.htm
If you use windows media player, back up C:/Program Files/Windows Media Player/wmplayer.exe before running the demo 
