Reported March 29, 2001, by Microsoft.
- Internet Explorer 5.01 and 5.5
By modifying the MIME header in the email message, a malicious attacker can cause Internet Explorer (IE) to automatically launch attachments. An attacker can instigate such an attack by embedding a malicious email message in a Web site, or by sending email directly to a user.
Microsoft has issued security bulletin MS01-020 and a fix to address this vulnerability.CREDIT
Discovered by Juan Carlos Cuartango.