Kevin Stewart

**Name of the Vulnerable Software and Affected Versions** Asterisk Open Source versions 1.4.5 through 1.4.11 **Description** The issue allows remote attackers to cause a denial of service via an e-mail with an invalid/corrupted MIME body, which triggers a crash when the recipient listens to voicemail. This occurs when Asterisk Open Source is configured to use an IMAP voicemail storage backend. **Recommendations** For versions 1.4.5 through 1.4.11, consider disabling the IMAP voicemail storage backend as a temporary workaround until a patch is available. Restrict access to voicemail to minimize the risk of exploitation.