A flaw in the SmartHTML Interpreter contained in Microsoft Corp.'s FrontPage Server Extensions (FPSE) could enable an attacker to run malicious code or to instigate a denial-of-service attack, Microsoft said in a security advisory late yesterday.