The ATOMIC.TCP signature engine in the Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XA, 12.3YA, 12.3T, and other trains allows remote attackers to cause a denial of service (IPS crash and traffic loss) via unspecified manipulations that are not properly handled by the regular expression feature, as demonstrated using the 3123.0 (Netbus Pro Traffic) signature.
https://exchange.xforce.ibmcloud.com/vulnerabilities/32474
http://www.vupen.com/english/advisories/2007/0597
http://www.securityfocus.com/bid/22549
http://www.cisco.com/en/US/products/products_security_response09186a00807e0a5e.html
http://www.cisco.com/en/US/products/products_security_advisory09186a00807e0a5b.shtml