Write-up called Hacking with MHTML protocol handler. This discusses cross site scripting via uploading a mhtml file, cross site scripting via mthml-file string injection, bypassing X-Frame-Options, an Adobe Reader cross site scripting issue, and more.
You can download it from the following link: https://packetstormsecurity.com/files/download/97563/hacking-withmhtml.txt
Source: https://packetstormsecurity.com/files/97563/Hacking-With-MHTML-Protocol-Handler.html