System Compromise: Remote attackers can gain control of the vulnerable system.
Description
This indicates an attack attempt against a cross-site scripting vulnerability in Microsoft Internet Explorer.
A vulnerability has been reported in IE that may allow an attacker to execute arbitrary script. This is possible because the vulnerable browser fails to properly sanitize the the argument of res: URI to navcancl.htm. An attacker may include malicious script by supplying an injection string through the URL.