A bit of hacking around and I managed to download the binary of the ActiveX control (under Linux of course). It's a .cab file called view.cab. I then extracted the actual ActiveX control from the .cab file - a file called com1024.dll. Running strings on this file gave a very small list of possible candidate URLs that the camera responds to. A quick bit of trial and error with wget determined that the camera would send some sort of video data in response to a request like this 'http://camera/cgi-bin/Stream?Video?Acc=account?Pwd=pass?webcamPWD=FREE' where account is your setup account name and pass is the corresponding password and camera is the name or IP of the camera.
Next step was to decipher the video data that I got. Fortunately, that was very simple - the camera simply sends a sequence of JPEG files with a short preamble beforehand which doesn't seem very meaningful. A downside of this is that the camera doesn't follow any standard that I could determine (and in fact the JPEG files that the camera sends are not standards compliant either!).
So, what to do?
I wrote a small wrapper program in Python that makes the camera appear to be a standards compliant camera (well largely).
Download the wrapper: maxipcam-wrapper-0.8.py
With BASIC authentication support.
Older versions: maxipcam-wrapper-0.7.py maxipcam-wrapper-0.6.py maxipcam-wrapper-0.5.py maxipcam-wrapper-0.1.py
I use the wrapper with zoneminder which works fine.
You should also be able to point a web browser at the address http://host:port/ where host is the name or IP address of the computer running the wrapper and port is the local port that you set (default is 8000). I've had issues with some browsers not actually displaying the images as data arrives - I think this was a browser bug.