COM object can execute code. Can be used for hidden malware installation with Internet Explorer.
vulners.com/securityvulns/securityvulns:doc:12168