CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Earthlink: Security Vulnerabilities

CVE-2007-0617

The SpamBlocker.dll ActiveX control in Earthlink TotalAccess is marked "safe for scripting," which allows remote attackers to add arbitrary e-mail addresses and domains to the spam blocker whitelist via the (1) AddSenderToWhitelist and (2) AddDomainToWhitelist functions.

CVSS Score

6.8

EPSS Score

0.005

Published

2007-01-31

Page 1

Vulnerabilities

Vulnerable Software

Earthlink: Security Vulnerabilities

Products

Pricing

Contact Us