5

CVE-2007-4521

Asterisk Open Source 1.4.5 through 1.4.11, when configured to use an IMAP voicemail storage backend, allows remote attackers to cause a denial of service via an e-mail with an "invalid/corrupted" MIME body, which triggers a crash when the recipient listens to voicemail.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AsteriskAsterisk Version1.4.5
AsteriskAsterisk Version1.4.6
AsteriskAsterisk Version1.4.7
AsteriskAsterisk Version1.4.8
AsteriskAsterisk Version1.4.9
AsteriskAsterisk Version1.4.10
AsteriskAsterisk Version1.4.11
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3% 0.856
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://downloads.digium.com/pub/asa/AST-2007-021.html
http://secunia.com/advisories/26601
Vendor Advisory
http://secunia.com/advisories/26602
Vendor Advisory
http://securityreason.com/securityalert/3065
http://www.securityfocus.com/archive/1/477729/100/0/threaded
http://www.securityfocus.com/bid/25438
http://www.securitytracker.com/id?1018606
http://www.vupen.com/english/advisories/2007/2978
https://exchange.xforce.ibmcloud.com/vulnerabilities/36261