source: http://www.securityfocus.com/bid/7539/info

Internet Explorer is reported to be vulnerable to a zone bypass issue. Allegedly, if Internet Explorer attempts to open a web page containing numerous 'file://' requests each contained in a separate Iframe, the requested file will eventually be executed in the Local Computer zone. 

http://www.exploit-db.com/sploits/22575.rar