Internet Explorer is "a graphical web browser developed by Microsoft Corp. and included as part of Microsoft Windows since 1995. The setExpression method is commonly used to assign a JavaScript expression to a CSS or DHTML object within a web page". Remote exploitation of a heap corruption vulnerability in Microsoft Corp.'s Internet Explorer web browser allows attackers to execute arbitrary code in the context of the current user.

http://www.securiteam.com/windowsntfocus/6H00D0UKKM.html