Buffer overflow in Internet Explorer 4.01 and earlier allows remote attackers to execute arbitrary commands via a long URL with the "mk:" protocol, aka the "MK Overrun security issue."
https://exchange.xforce.ibmcloud.com/vulnerabilities/917
http://support.microsoft.com/support/kb/articles/q176/6/97.asp