Hong10

**Name of the Vulnerable Software and Affected Versions** Microsoft Internet Explorer versions 7 through 8 **Description** The issue allows remote attackers to cause a denial of service, resulting in an application crash. This is achieved by calling the JavaScript `findText` method with a crafted Unicode string in the first argument and only one additional argument. For example, a second argument of `-1` can be used to demonstrate this issue. **Recommendations** For Microsoft Internet Explorer versions 7 and 8, consider disabling JavaScript as a temporary workaround until a patch is available. Restrict access to potentially malicious websites to minimize the risk of exploitation.