Unspecified vulnerability in the Simba MDrmSap ActiveX control in mdrmsap.dll in SAP SAPgui allows remote attackers to execute arbitrary code via unknown vectors involving instantiation by Internet Explorer.