Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code by using JavaScript to cause certain errors simultaneously, which results in the access of previously freed memory, aka "Script Error Handling Memory Corruption Vulnerability."
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A761
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-072
http://www.vupen.com/english/advisories/2006/4966
http://www.us-cert.gov/cas/techalerts/TA06-346A.html
http://www.securityfocus.com/bid/21552
http://www.securityfocus.com/archive/1/454969/100/200/threaded
http://www.securityfocus.com/archive/1/454205/100/0/threaded
http://www.kb.cert.org/vuls/id/599832
http://securitytracker.com/id?1017373