IE and Outlook May Run Arbitrary Code
Reported March 14, 2000 by Georgi Guninski
Georgi discovered that a user could place a .chm file in the TEMP directory where that file could contain a "shortcut" command. When the file is opened with the showHelp() procedure, any listed programs could be executed by the operating system.DEMONSTRATION Such a problem could be used to launch an attack against an unsuspecting user of Outlook. Code similar to the following may cause a program to run on a remote desktop.
<IFRAME align=3Dbaseline alt=3D""
Microsoft is aware of this issue, however no response was known at the time of this writing.