A flaw exists in Microsoft Internet Explorer 5.x-6.0 that allows a remote attacker to execute a file using chm in showHelp().
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/32421/ie_showHelp.txt
Source: https://packetstormsecurity.com/files/32421/ie_showHelp.txt.html