PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability - CVE-2008-2829

php_imap.c in PHP 5.2.5 5.2.6 4.x and other versions uses obsolete API calls that allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long IMAP request which triggers an quotrfc822.c legacy routine buffer overflowquot error message related to the rfc822_write_address function.