Mozilla Thunderbird before 52.8 : It is possible to spoof the filename of an attachment and display an arbitrary attachment name. This could lead to a user opening a remote attachment which is a different file type than expected.
The host is installed with Ghostscript through 9.20 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle an unknown input to the -dSAFER argument. Successful exploitation could allow attackers to determine the existence and size of arbitrary files.
The host is installed with Artifex Ghostscript before 9.23 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle the uninitialized memory access in the aesdecode operator. Successful exploitation could allow attackers to crash the interpreter or potentially execute code.
The host is installed with Artifex Ghostscript before 9.23 and is prone to a type confusion vulnerability. A flaw is present in the application, which fails to properly handle the LockDistillerParams parameter. Successful exploitation could allow attackers to crash the interpreter or execute code.
The host is installed with Artifex Ghostscript before 9.23 and is prone to a type confusion vulnerability. A flaw is present in the application, which fails to properly handle the .shfill operator. Successful exploitation could allow attackers to supply crafted postScript files to crash the interpreter or potentially execute code.
The host is installed with Artifex Ghostscript before 9.23 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly handle .tempfile restrictions and write files. Successful exploitation could allow attackers to supply malicious postScript files to bypass .tempfile restrictions and write files.