So the latest exploit in MS IE and MS Outlook uses XML. So that's kinda fun.
Basically an MS XML Data Island can be used to hold a CDATA section with a tag in the text part. Then IE can use that CDATA section's output in the browser to get the browser to load up an ActiveX control, bypassing IE's security settings. Sweeeeeet.
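A defensive check for the pattern described above, as an added example that is not from the original post: it scans HTML for XML data islands whose CDATA text carries active-content tags. That the tag is an `<object>` with a `classid`, the watch list, and both sample pages are assumptions constructed for illustration.

```python
import re

# Assumed watch list: tags that instantiate active content once rendered as HTML.
ACTIVE_TAGS = {"object", "applet", "embed", "script", "iframe"}

ISLAND_RE = re.compile(r"<xml(?:\s[^>]*)?>(.*?)</xml\s*>", re.I | re.S)
CDATA_RE = re.compile(r"<!\[CDATA\[(.*?)\]\]>", re.S)
TAG_RE = re.compile(r"<\s*([a-zA-Z][a-zA-Z0-9]*)\b([^>]*)>")
CLASSID_RE = re.compile(r"classid\s*=\s*[\"']?([^\"'\s>]+)", re.I)


def scan_data_islands(html):
    """Return one finding per active-content tag hidden in a data island's CDATA."""
    findings = []
    for island_no, island in enumerate(ISLAND_RE.finditer(html), start=1):
        for cdata in CDATA_RE.finditer(island.group(1)):
            for tag in TAG_RE.finditer(cdata.group(1)):
                name = tag.group(1).lower()
                if name not in ACTIVE_TAGS:
                    continue  # plain formatting markup in CDATA is not flagged
                classid = CLASSID_RE.search(tag.group(2))
                findings.append({
                    "island": island_no,
                    "tag": name,
                    "classid": classid.group(1) if classid else None,
                })
    return findings


# Constructed sample: an <object> tag tucked inside a data island's CDATA.
# The classid is a placeholder, not a real control.
SAMPLE_SUSPICIOUS = """<html><body>
<xml id="island1"><rows><row><cell><![CDATA[
<object classid="clsid:00000000-0000-0000-0000-000000000000"></object>
]]></cell></row></rows></xml>
</body></html>"""

# Constructed sample: harmless CDATA text, plus an <object> outside any island
# (the browser's normal security-zone checks apply to that one).
SAMPLE_BENIGN = """<html><body>
<xml id="island2"><rows><row><cell><![CDATA[Price < 10 & <b>in stock</b>]]></cell></row></rows></xml>
<object classid="clsid:00000000-0000-0000-0000-000000000000"></object>
</body></html>"""

if __name__ == "__main__":
    for label, page in (("suspicious", SAMPLE_SUSPICIOUS), ("benign", SAMPLE_BENIGN)):
        print(label, scan_data_islands(page))
```

A mail or web gateway could run a check like this on HTML bodies and quarantine or strip any island that produces a finding.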
Also I see that Macromedia Flash 5 allows you to save the current timeline to disk, however if you hack the Flash to put a