A bug report submitted to Bugtraq claims a vulnerability lies in Internet Explorer 6 when run on Windows 2000 pro, and XP.
"The normal behaviour when a page fails to load is to press the backbutton.
The error page shown by IE is operating in the local computer zone (res://C:\WINNT\System32\shdoclc.dll/dnserror.htm# on Win2000). Thus, we can execute code and read local files."
Microsoft has not made any comment on the issue.