CVE-2006-4484

EPSS 6.4%

Published: 8/31/2006Modified: 4/28/2026

Description

Buffer overflow in the LWZReadByte_ function in ext/gd/libgd/gd_gif_in.c in the GD extension in PHP before 5.1.5 allows remote attackers to have an unknown impact via a GIF file with input_code_size greater than MAX_LWZ_BITS, which triggers an overflow when initializing the table array.

Affected packages (2)

Debian/libgd2from 0, < 2.0.33-5.1
Debian/xloadimagefrom 0

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2006-4484