Skip to main content

CVE-2006-2906

Severity Medium
Score 5.4/10

Summary

The LZW decoding in the gdImageCreateFromGifPtr function in the Thomas Boutell graphics draw (GD) library (aka libgd) 2.0.33 allows remote attackers to cause a denial of service (CPU consumption) via malformed GIF data that causes an infinite loop.

  • HIGH
  • NETWORK
  • NONE
  • NONE
  • NONE
  • COMPLETE

References

Advisory Timeline

  • Published