CVE-2008-2829 - Internal Sunlight


php_imap.c in PHP 5.2.5 5.2.6 4.x and other versions uses obsolete API calls that allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long IMAP request which triggers an \rfc822.c legacy routine buffer overflow\ error message related to the rfc822_write_address function.