Apparently you can use link table printing to run arbitrary java script.

In Internet Explorer, most local scripts run in the internet zone, but the printing script runs in the Local Machine Zone. This opens up the security hole, allowing any injected JavaScript to execute arbitrary code on the userís machine.
Users are advised to refrain from printing web pages with link tables until Microsoft has released a patch.
Story is here: