CVE-2007-0811 Information

Description

Microsoft Internet Explorer 6.0 SP1 on Windows 2000 and 6.0 SP2 on Windows XP allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an HTML document containing a certain JavaScript for loop with an empty loop body possibly involving getElementById.

Reference

http://osvdb.org/37636 http://www.powerhacker.net/exploit/IE_NULL_CRASH.html http://www.securityfocus.com/bid/22408 https://www.exploit-db.com/exploits/3272