Found this newsbytes article on a newish IE Scripting hole, which exploits the GetObject() function of MS JScript and ActiveX Controls allows access to local files.


Read the Article Here