Digium · Asterisk Open Source · CVE-2007-4521
**Name of the Vulnerable Software and Affected Versions**
Asterisk Open Source versions 1.4.5 through 1.4.11
**Description**
The issue allows remote attackers to cause a denial of service via an e-mail with an invalid/corrupted MIME body, which triggers a crash when the recipient listens to voicemail. This occurs when Asterisk Open Source is configured to use an IMAP voicemail storage backend.
**Recommendations**
For versions 1.4.5 through 1.4.11, consider disabling the IMAP voicemail storage backend as a temporary workaround until a patch is available. Restrict access to voicemail to minimize the risk of exploitation.