CVE-2009-0671 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0671): Format string vulnerability in the University of Washington (UW) c-client library, as used by the UW IMAP toolkit imap-2007d and other applications, allows remote attackers to execute arbitrary code via format string specifiers in the initial request to the IMAP port (143/tcp).
Red Hat is disputing this issue, see https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-0671
The CVE will be REJECTED, both upstream and other researchers could not confirm this report.