Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The SpamBlocker.dll ActiveX control in Earthlink TotalAccess is marked "safe for scripting," which allows remote attackers to add arbitrary e-mail addresses and domains to the spam blocker whitelist via the (1) AddSenderToWhitelist and (2) AddDomainToWhitelist functions.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
EarthLink TotalAccess 'SpamBlocker.dll' ActiveX控件不安全路径错误
Vulnerability Description
Earthlink TotalAccess的SpamBlocker.dll ActiveX控件被标明"对脚本是安全的",远程攻击者可以借助(1)AddSenderToWhitelist和(2)AddDomainToWhitelist函数,添加任意邮件地址并界定拦截优良名单的范围。
CVSS Information
N/A
Vulnerability Type
N/A