Security Advisory

CVE-2007-0617

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2007-01-31 11:00:00

Last updated 2024-08-07 12:26:54

Assigner mitre

State PUBLISHED

Description

The SpamBlocker.dll ActiveX control in Earthlink TotalAccess is marked "safe for scripting," which allows remote attackers to add arbitrary e-mail addresses and domains to the spam blocker whitelist via the (1) AddSenderToWhitelist and (2) AddDomainToWhitelist functions.

← Browse all CVEs View on cve.org ↗