Kad

**Name of the Vulnerable Software and Affected Versions** RPortal versions 1.1 and earlier **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the `file op` parameter in the index.php file. **Recommendations** For RPortal versions 1.1 and earlier, update to a version later than 1.1 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Microsoft Windows Graphics Device Interface (GDI+) (affected versions not specified) **Description** The issue allows context-dependent attackers to cause a denial of service (crash) via an ICO file with an InfoHeader containing a Height of zero. This triggers a divide-by-zero error. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.