There is currently in the wild an HTML script that exploits an unpatched vulnerability in Microsoft Internet Explorer. The vulnerability is in the way IE handles thousands of script handlers such as onClick on a single Web page. This causes the browser to crash. Other browsers like FireFox are reportedly not affected by this.

Trend Micro’s HTML_SCRIPTACT.A is the detection for pages that exploit this vulnerability, while McAfee’s detection is Exploit-ScriptAction.

Security Focus cites a demonstration page. Try clicking this if you dare.