Format string vulnerability in Foxmail Server 2.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in the USER command.
http://www.securityfocus.com/bid/12711
http://www.securityfocus.com/archive/1/391960