{"id":"CVE-2006-2906","details":"The LZW decoding in the gdImageCreateFromGifPtr function in the Thomas Boutell graphics draw (GD) library (aka libgd) 2.0.33 allows remote attackers to cause a denial of service (CPU consumption) via malformed GIF data that causes an infinite loop.","modified":"2026-04-10T03:38:28.958946Z","published":"2006-06-08T16:06:00Z","references":[{"type":"ADVISORY","url":"http://secunia.com/advisories/20500"},{"type":"ADVISORY","url":"http://secunia.com/advisories/20571"},{"type":"ADVISORY","url":"http://secunia.com/advisories/20676"},{"type":"ADVISORY","url":"http://secunia.com/advisories/20853"},{"type":"ADVISORY","url":"http://secunia.com/advisories/20866"},{"type":"ADVISORY","url":"http://secunia.com/advisories/20887"},{"type":"ADVISORY","url":"http://secunia.com/advisories/21050"},{"type":"ADVISORY","url":"http://secunia.com/advisories/21186"},{"type":"ADVISORY","url":"http://secunia.com/advisories/23783"},{"type":"ADVISORY","url":"http://www.debian.org/security/2006/dsa-1117"},{"type":"ADVISORY","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:112"},{"type":"ADVISORY","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:113"},{"type":"ADVISORY","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:122"},{"type":"ADVISORY","url":"http://www.novell.com/linux/security/advisories/2006_31_php.html"},{"type":"ADVISORY","url":"http://www.vupen.com/english/advisories/2006/2174"},{"type":"EVIDENCE","url":"http://www.securityfocus.com/archive/1/436132"},{"type":"EVIDENCE","url":"http://www.securityfocus.com/bid/18294"},{"type":"WEB","url":"http://securityreason.com/securityalert/1067"},{"type":"WEB","url":"http://www.trustix.org/errata/2006/0038"},{"type":"WEB","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/26976"},{"type":"WEB","url":"https://issues.rpath.com/browse/RPL-939"},{"type":"WEB","url":"https://usn.ubuntu.com/298-1/"}],"schema_version":"1.7.5"}