CVE-2007-4521

Name of the Vulnerable Software and Affected Versions Asterisk Open Source versions 1.4.5 through 1.4.11

Description The issue allows remote attackers to cause a denial of service via an e-mail with an invalid/corrupted MIME body, which triggers a crash when the recipient listens to voicemail. This occurs when Asterisk Open Source is configured to use an IMAP voicemail storage backend.

Recommendations For versions 1.4.5 through 1.4.11, consider disabling the IMAP voicemail storage backend as a temporary workaround until a patch is available. Restrict access to voicemail to minimize the risk of exploitation.