Skip to main content

CVE-2007-4521

Severity Medium
Score 5/10

Summary

Asterisk Open Source 1.4.5 through 1.4.11, when configured to use an IMAP voicemail storage backend, allows remote attackers to cause a denial of service via an e-mail with an "invalid/corrupted" MIME body, which triggers a crash when the recipient listens to voicemail.

  • LOW
  • NETWORK
  • NONE
  • NONE
  • NONE
  • PARTIAL

References

Advisory Timeline

  • Published