CVE-2007-0617
The CVE-2007-0617 entry involves Earthlink TotalAccess’s SpamBlocker.dll ActiveX control, which is labeled “safe for scripting.” This misclassification enables a remote attacker to modify the spam‑blocker whitelist by invoking AddSenderToWhitelist or AddDomainToWhitelist, allowing arbitrary addre...