Microsoft Internet Explorer before 10 allows remote attackers to obtain sensitive information about the existence of files, and read certain data from files, via a UNC share pathname in the SRC attribute of a SCRIPT element, as demonstrated by reading a name-value pair from a local file via a \\127.0.0.1\C$\ sequence. CVSS score based on update to http://www.nsfocus.com/en/2012/advisories_1228/119.html:
"An attacker would not be able to discover information or files
on a system that they do not already know the name and file path.
They have to guess the path and name. "
Per: http://www.nsfocus.com/en/2012/advisories_1228/119.html
'Internet Explorer version 6 through 9 are affected..'
Publication date: Tue, 22 Jan 2013 21:55:00 +0000