Unrated severityNVD Advisory· Published Jun 8, 2006· Updated Apr 16, 2026
CVE-2006-2906
CVE-2006-2906
Description
The LZW decoding in the gdImageCreateFromGifPtr function in the Thomas Boutell graphics draw (GD) library (aka libgd) 2.0.33 allows remote attackers to cause a denial of service (CPU consumption) via malformed GIF data that causes an infinite loop.
Affected products
1- cpe:2.3:a:thomas_boutell:graphics_draw_library:2.0.33:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
22- www.securityfocus.com/archive/1/436132nvdExploit
- www.securityfocus.com/bid/18294nvdExploit
- secunia.com/advisories/20500nvdVendor Advisory
- secunia.com/advisories/20571nvd
- secunia.com/advisories/20676nvd
- secunia.com/advisories/20853nvd
- secunia.com/advisories/20866nvd
- secunia.com/advisories/20887nvd
- secunia.com/advisories/21050nvd
- secunia.com/advisories/21186nvd
- secunia.com/advisories/23783nvd
- securityreason.com/securityalert/1067nvd
- www.debian.org/security/2006/dsa-1117nvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.novell.com/linux/security/advisories/2006_31_php.htmlnvd
- www.trustix.org/errata/2006/0038nvd
- www.vupen.com/english/advisories/2006/2174nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/26976nvd
- issues.rpath.com/browse/RPL-939nvd
- usn.ubuntu.com/298-1/nvd
News mentions
0No linked articles in our index yet.