Mandriva Linux Security Advisory - A vulnerability in perl-Tk was found where specially crafted GIF images could crash perl-Tk (an identical issue to that found in php-gd, gd, and SDL_image).
a303f36207cdb807c2376a390405fc6c2cb0d327ee305b92466d923ef1c01921
Mandriva Linux Security Advisory - Buffer overflow in the LWZReadByte() function in gd_gif_in.c in GD prior to 2.0.34 allows remote attackers to have an unknown impact via a GIF file with input_code_size greater than MAX_LWZ_BITS, which triggers an overflow when initializing the table array. This was originally fixed in PHP's embedded GD with MDKSA-2006:162; patches had not been applied to the system libgd at that time.
75a743379f48b6ad6a3bc634014ed7d730aae593d12cd133a70e5ea462fbefd2
Mandriva Linux Security Advisory MDKSA-2006-162 - The file_exists and imap_reopen functions in PHP before version 5.1.5 do not check for the safe_mode and open_basedir settings, which allows local users to bypass the settings. A buffer overflow in the LWZReadByte function in ext/gd/libgd/gd_gif_in.c in the GD extension in PHP before version 5.1.5 allows remote attackers to have an unknown impact via a GIF file with input_code_size greater than MAX_LWZ_BITS, which triggers an overflow when initializing the table array.
643f06d3c36b031840d60f7ef35b3fcfbf394ef6737c1a469ff32f9c413f159e
Ubuntu Security Notice USN-342-1 - Multiple bypass and buffer overflow vulnerabilities exist in PHP4 and PHP5.
4c59a09b17fad2d2c14c6b1109b5fc05e9964de2289772d2e889d67b628df000