This vulnerability restricts information from other domains via an object tag. A data parameter within that tag references a link on the attacker's originating site. The link on the attacker's originating site then specifies a Location HTTP header on a target site. The flaw makes that potentially malicious content available through the outerHTML attribute of the object.
On August 8, 2006, Microsoft issued MS06-040, a cumulative patch for Internet Explorer, that addresses this vulnerability.