CVE-2009-2954
Microsoft Internet Explorer 6.0.2900.2180 and earlier allows remote attackers to cause a denial of service (CPU consumption and application hang) via JavaScript code with a long string value for the hash property (aka location.hash), a related issue to CVE-2008-5715.
Date published : 2009-08-24
http://www.securityfocus.com/archive/1/506006/100/0/threaded