Microsoft Internet Explorer (IE) JPEG Rendering Bugs Let Remote Users Deny Service
Several vulnerabilities were reported in Microsoft Internet Explorer (IE) in the parsing of images. A remote user can cause denial of service conditions. A remote user can create a specially crafted JPEG image that, when loaded by IE, will cause the target user's browser to crash.
Some demonstration exploit examples are available at http://lcamtuf.coredump.cx/crash/
The report indicates that in some cases, the image rendering code makes unbounded, user-affected memory accesses. This may allow for code execution, but that was not confirmed in the report.
Michal Zalewski reported this vulnerability.
Impact: A remote user can cause the target user's browser to crash.
SecurityTracker
Also in Securiteam entitled Internet Explorer's Image Decoder Multiple Vulnerabilities