Unspecified versions of Internet Explorer allow remote attackers to cause a denial of service (crash) via an IFRAME with a src tag containing a βFile://β URI followed by an 8-bit character. NOTE: some third parties were unable to verify this issue.