Macrovision InstallShield InstallScript One-Click Install (OCI) is "a web based installer technology that allows software publishers to distribute minimal installer packages which allow end users to select components to install. Upon first visiting such a website, the user is prompted to install the ActiveX control". Remote exploitation of an untrusted library loading vulnerability in Macrovision's InstallShield InstallScript One-Click Install ActiveX control allows remote attackers to execute code with the privileges of the currently logged in user.

http://www.securiteam.com/windowsntf...CP010AO0E.html