CVE-2007-0617
CVE-2007-0617 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:P/A:P
The SpamBlocker.dll ActiveX control in Earthlink TotalAccess is marked "safe for scripting," which allows remote attackers to add arbitrary e-mail addresses and domains to the spam blocker whitelist via the (1) AddSenderToWhitelist and (2) AddDomainToWhitelist functions.
Learn more about our Web Application Penetration Testing UK.