cpe:/a:php:php:4.4.9 cpe:/a:php:php:5.2.5 cpe:/a:php:php:5.2.6 cpe:/o:canonical:ubuntu_linux:6.06::~~lts~~~ cpe:/o:canonical:ubuntu_linux:7.04 cpe:/o:canonical:ubuntu_linux:7.10 cpe:/o:canonical:ubuntu_linux:8.04::~~lts~~~ CVE-2008-2829 2008-06-23T16:41:00.000-04:00 2019-10-09T18:55:55.220-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20090302 rPSA-2009-0035-1 php php-cgi php-imap php-mcrypt php-mysql php-mysqli php-pgsql php-soap php-xsl php5 php5-cgi php5-imap php5-mcrypt php5-mysql php5-mysqli php5-pear php5-pgsql php5-soap php5-xsl BID 29829 SECUNIA 31200 SECUNIA 32746 SECUNIA 35074 SECUNIA 35306 SECUNIA 35650 OSVDB 46641 VUPEN ADV-2009-1297 APPLE APPLE-SA-2009-05-12 FEDORA FEDORA-2009-3768 FEDORA FEDORA-2009-3848 GENTOO GLSA-200811-05 HP HPSBUX02431 HP HPSBUX02465 MANDRIVA MDVSA-2008:126 MANDRIVA MDVSA-2008:127 MANDRIVA MDVSA-2008:128 HP SSRT090085 HP SSRT090192 SUSE SUSE-SR:2008:027 CERT TA09-133A UBUNTU USN-628-1 MLIST [oss-security] 20080619 CVE request: php 5.2.6 ext/imap buffer overflows MLIST [oss-security] 20080624 Re: CVE request: php 5.2.6 ext/imap buffer overflows MISC http://bugs.php.net/bug.php?id=42862 CONFIRM http://support.apple.com/kb/HT3549 CONFIRM http://wiki.rpath.com/Advisories:rPSA-2009-0035 CONFIRM https://bugs.gentoo.org/show_bug.cgi?id=221969 XF php-phpimap-dos(43357) php_imap.c in PHP 5.2.5, 5.2.6, 4.x, and other versions, uses obsolete API calls that allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long IMAP request, which triggers an "rfc822.c legacy routine buffer overflow" error message, related to the rfc822_write_address function.