Secunia has posted this new advisory today about an issue with the GD graphics library functionality in PHP that could be used to cause a Denial of Service via a truncated PNG image.
The vulnerability is caused due to the incorrect use of libpng within the function "gdPngReadData()" in ext/gd/libgd/gd_png.c of the GD extension when processing truncated data. This can be exploited to cause an infinite loop by e.g. tricking an application to process a specially crafted file. (reported by Xavier Roche)