Ok this is somewhat of an issue, but...
If I understand what they're describing, it's a way to bypass the filter you can pass to the HTML "input type=file" file selector control, that will let you pick a file named something like "evilcode.asp;.jpg", and then once posted, this would show up in the values that the upload-processing page would get as "evilcode.asp;.jpg", in which case poor validation code might not catch it, and if that code were to use that file name to write the file to an IIS-readable folder (say, for an avatar as in the example), then it would end up on the disk as "evilcode.asp".
For this to be any sort of threat, doesn't it require some major programming/security failures on the part of the developer in the first place?
1) The programmer trusted the client-side file extension filter
2) The programmer's upload validation code did not catch the bad name
3) The programmer used the client-supplied name instead of saving said avatar to something like "avatar12345.jpg"
4) The security context the web site runs in has write-access to an EXECUTABLE folder, which is a disaster waiting to happen in the first place (someone needs to get fired over this)
While there is definitely something fishy going on because of the way .asp;.jpg can eventually transform into .asp while handling the file, if a site is set up in such a way that this can be exploited, then we're dealing with a site managed by people that don't have the slightest clue about security in the first place...