It's common knowledge that most viruses are spread via files or macros. However, something that I find popping up from time to time is the statement that you can get a virus by just simply reading an e-mail (i.e. a web interface such as Yahoo or Hotmail, or in Outlook / Outlook Express which support HTML formatted e-mails). The theory is that in the HTML e-mail, there can exist some malicious script code.

Anyone care to elaborate on this as to it being a myth or truth?