Hardened PHP Project Security Advisory – Dotdeb PHP versions below 5.2.0 revision 3 suffer from an email header injection vulnerability.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/52164/advisory_142006.139.txt
Source: https://packetstormsecurity.com/files/52164/Hardened-PHP-Project-Security-Advisory-2006-14.139.html