Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2004-12-23	CVE-2004-0841	Internet Explorer 6.x allows remote attackers to install arbitrary programs via mousedown events that call the Popup.show method and use drag-and-drop actions in a popup window, aka "HijackClick 3" and the "Script in Image Tag File Download Vulnerability." network low complexity microsoft avaya	5.0
2004-08-18	CVE-2004-0839	Internet Explorer in Windows XP SP2, and other versions including 5.01 and 5.5, allows remote attackers to install arbitrary programs via a web page that uses certain styles and the AnchorClick behavior, popup windows, and drag-and-drop capabilities to drop the program in the local startup folder, as demonstrated by "wottapoop.html". network low complexity microsoft avaya nortel	5.0
2004-08-06	CVE-2004-0215	Microsoft Outlook Express 5.5 and 6 allows attackers to cause a denial of service (application crash) via a malformed e-mail header. network low complexity avaya microsoft	5.0