Stack consumption vulnerability in Internet Explorer The JavaScript settimeout function in Internet Explorer allows remote attackers to cause a denial of service (crash) via the JavaScript settimeout function. NOTE: the vendor could not reproduce the problem.
http://www.iss.net/security_center/static/7661.php
http://archives.neohapsis.com/archives/bugtraq/2001-12/0034.html
http://archives.neohapsis.com/archives/bugtraq/2001-12/0008.html