Earthlink : Security Vulnerabilities, CVEs, CVSS score >= 2
The SpamBlocker.dll ActiveX control in Earthlink TotalAccess is marked "safe for scripting," which allows remote attackers to add arbitrary e-mail addresses and domains to the spam blocker whitelist via the (1) AddSenderToWhitelist and (2) AddDomainToWhitelist functions.
Max CVSS
6.8
EPSS Score
1.10%
Published
2007-01-31
Updated
2017-07-29
1 vulnerabilities found