CVE-2007-0617

2007-01-31T11:28:00
ID CVE-2007-0617
Type cve
Reporter cve@mitre.org
Modified 2017-07-29T01:30:00

Description

The SpamBlocker.dll ActiveX control in Earthlink TotalAccess is marked "safe for scripting," which allows remote attackers to add arbitrary e-mail addresses and domains to the spam blocker whitelist via the (1) AddSenderToWhitelist and (2) AddDomainToWhitelist functions. Medium complexity because phishing attack