CVE-2007-0617

2007-01-31T06:28:00
ID CVE-2007-0617
Type cve
Reporter NVD
Modified 2017-07-28T21:30:17

Description

The SpamBlocker.dll ActiveX control in Earthlink TotalAccess is marked "safe for scripting," which allows remote attackers to add arbitrary e-mail addresses and domains to the spam blocker whitelist via the (1) AddSenderToWhitelist and (2) AddDomainToWhitelist functions.