exploitDog

CVE-2007-0617

Опубликовано: 31 янв. 2007

Источник: nvd

CVSS2: 6.8

EPSS Низкий

Описание

The SpamBlocker.dll ActiveX control in Earthlink TotalAccess is marked "safe for scripting," which allows remote attackers to add arbitrary e-mail addresses and domains to the spam blocker whitelist via the (1) AddSenderToWhitelist and (2) AddDomainToWhitelist functions.

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:earthlink:total_access:*:*:*:*:*:*:*:*

EPSS

Процентиль: 74%

0.00823

Низкий

6.8 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-f8rm-hq6f-q9qm

github

почти 4 года назад

The SpamBlocker.dll ActiveX control in Earthlink TotalAccess is marked "safe for scripting," which allows remote attackers to add arbitrary e-mail addresses and domains to the spam blocker whitelist via the (1) AddSenderToWhitelist and (2) AddDomainToWhitelist functions.

EPSS

Процентиль: 74%

0.00823

Низкий

6.8 Medium

CVSS2

Дефекты

NVD-CWE-Other