CVE-2006-5581
Unspecified vulnerability in Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code via certain DHTML script functions, such as normalize, and "incorrectly created elements" that trigger memory corruption, aka "DHTML Script Function Memory Corruption Vulnerability."
Date published : 2006-12-12
http://www.securityfocus.com/bid/21546
http://www.securityfocus.com/archive/1/454210/100/0/threaded