Microsoft Internet Explorer Malformed IFRAME Remote Buffer Overflow Vulnerability
A proof of concept is available from the following location:
CORE has developed a working commercial exploit for their IMPACT
product. This exploit is not otherwise publicly available or known
to be circulating in the wild.
An additional exploit has been made available by Berend-Jan Wever; the integrity of this exploit has not been verified by Symantec: