CVE-2006-2906

Thomas Boutell graphics draw <2.0.33 - DoS

Title source: llm

Description

The LZW decoding in the gdImageCreateFromGifPtr function in the Thomas Boutell graphics draw (GD) library (aka libgd) 2.0.33 allows remote attackers to cause a denial of service (CPU consumption) via malformed GIF data that causes an infinite loop.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Xavier Roche · cdoslinux
https://www.exploit-db.com/exploits/27981

References (22)

... and 2 more

Scores

EPSS 0.1527
EPSS Percentile 94.6%

Details

Status published
Products (1)
thomas_boutell/graphics_draw_library 2.0.33
Published Jun 08, 2006
Tracked Since Feb 18, 2026