Mozilla Firefox allows remote attackers to cause a denial of service (crash) via crafted image, as demonstrated by the zzuf lol-firefox.gif test case.
http://www.securityfocus.com/bid/27243
http://sam.zoy.org/blog/2007-01-16-exposing-file-parsing-vulnerabilities
http://hboeck.de/archives/578-How-long-does-it-take-to-fix-a-crash-bug.html