CVE-2007-0617

CVE-2007-0617 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

The SpamBlocker.dll ActiveX control in Earthlink TotalAccess is marked "safe for scripting," which allows remote attackers to add arbitrary e-mail addresses and domains to the spam blocker whitelist via the (1) AddSenderToWhitelist and (2) AddDomainToWhitelist functions.

Learn more about our Web Application Penetration Testing UK.