5.4
CVE-2006-2906
- EPSS 10.17%
- Veröffentlicht 08.06.2006 16:06:00
- Zuletzt bearbeitet 16.06.2026 22:26:00
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginThe LZW decoding in the gdImageCreateFromGifPtr function in the Thomas Boutell graphics draw (GD) library (aka libgd) 2.0.33 allows remote attackers to cause a denial of service (CPU consumption) via malformed GIF data that causes an infinite loop.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Thomas Boutell ≫ Graphics Draw Library Version2.0.33
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 10.17% | 0.951 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.4 | 4.9 | 6.9 |
AV:N/AC:H/Au:N/C:N/I:N/A:C
|
http://secunia.com/advisories/21050
http://www.mandriva.com/security/advisories?name=MDKSA-2006:113
http://www.mandriva.com/security/advisories?name=MDKSA-2006:122
http://secunia.com/advisories/20866
http://secunia.com/advisories/23783
https://issues.rpath.com/browse/RPL-939
http://secunia.com/advisories/20676
http://www.novell.com/linux/security/advisories/2006_31_php.html
http://secunia.com/advisories/20500
http://secunia.com/advisories/20571
http://secunia.com/advisories/20853
http://secunia.com/advisories/20887
http://secunia.com/advisories/21186
http://securityreason.com/securityalert/1067
http://www.debian.org/security/2006/dsa-1117
http://www.mandriva.com/security/advisories?name=MDKSA-2006:112
http://www.securityfocus.com/archive/1/436132
http://www.securityfocus.com/bid/18294
http://www.trustix.org/errata/2006/0038
http://www.vupen.com/english/advisories/2006/2174
https://exchange.xforce.ibmcloud.com/vulnerabilities/26976
https://usn.ubuntu.com/298-1/