CVE-2005-4810
Microsoft Internet Explorer 7.0 Beta3 and earlier allows remote attackers to cause a denial of service (crash) via a "text/html" HTML Content-type header sent in response to an XMLHttpRequest (AJAX).
Date published : 2006-08-29
http://archives.neohapsis.com/archives/bugtraq/2005-07/0434.html