It's possible to launch executable attached to e-mail message by specifying it as image source.
vulners.com/securityvulns/securityvulns:doc:2665