There is a security problem with shtml.exe that allows anyone to explore the local path of IIS web server.
a81fefb3352747deb54240fa5b25c5a5809579acbd6503684344b867038b8d8f
Winmail 3.05 for Windows NT allows any file on the system to be read. Exploit code included.
3c466966794ec9932d49f5ff0255e8dff719b5b35bee9762550d2f934821973f