{"id":"CVE-2016-10327","details":"LibreOffice before 2016-12-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the EnhWMFReader::ReadEnhWMF function in vcl/source/filter/wmf/enhwmf.cxx.","modified":"2026-04-11T19:42:59.097085Z","published":"2017-04-14T04:59:00.167Z","related":["SUSE-SU-2017:1821-1","SUSE-SU-2017:2315-1","openSUSE-SU-2024:10983-1"],"database_specific":{"unresolved_ranges":[{"cpe":"cpe:2.3:a:libreoffice:libreoffice:*:beta2:*:*:*:*:*:*","extracted_events":[{"last_affected":"5.3.0.0"}],"source":"CPE_FIELD"},{"extracted_events":[{"fixed":"2016-12-22"}],"source":"DESCRIPTION"}]},"references":[{"type":"ADVISORY","url":"http://www.libreoffice.org/about-us/security/advisories/cve-2016-10327/"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/97668"},{"type":"ADVISORY","url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=313"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201706-28"},{"type":"FIX","url":"https://github.com/LibreOffice/core/commit/7485fc2a1484f31631f62f97e5c64c0ae74c6416"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/libreoffice/core","events":[{"introduced":"0"},{"fixed":"7485fc2a1484f31631f62f97e5c64c0ae74c6416"}],"database_specific":{"source":"REFERENCES"}}],"versions":["MELD_LIBREOFFICE_REPOS","libreoffice-3-5-branch-point","libreoffice-3-6-branch-point","libreoffice-3.5.0.0","libreoffice-4-0-branch-point","libreoffice-4-1-branch-point","libreoffice-4-2-branch-point","libreoffice-4-2-milestone-1","libreoffice-4-3-branch-point","libreoffice-4-4-branch-point","libreoffice-5-0-branch-point","libreoffice-5-1-branch-point","libreoffice-5-2-branch-point","libreoffice-5-3-branch-point","sdremote-2.0.0","windows_build_successful_2011_11_08"],"database_specific":{"vanir_signatures_modified":"2026-04-11T19:42:59Z","source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-10327.json","vanir_signatures":[{"digest":{"line_hashes":["334053160755383975859705809270790090599","34034932267292955216499041347490474619","48980431915421534421871362110824146609","6608963929227775552552095468522078752","283900924918008700993223423756679953920","333079618261165919802139808131331063063","241931808347815321270186246937817161404","221376714366991152167600797032763298481","19056356198047102999527290008840291531","145803185700566884705377919326943751767","159286291030143378254486357485998754256"],"threshold":0.9},"signature_version":"v1","signature_type":"Line","id":"CVE-2016-10327-1681ef8b","source":"https://github.com/libreoffice/core/commit/7485fc2a1484f31631f62f97e5c64c0ae74c6416","deprecated":false,"target":{"file":"vcl/source/filter/wmf/enhwmf.cxx"}},{"digest":{"length":30327,"function_hash":"284193747462724565906558809339168579976"},"signature_version":"v1","signature_type":"Function","id":"CVE-2016-10327-1c06df17","source":"https://github.com/libreoffice/core/commit/7485fc2a1484f31631f62f97e5c64c0ae74c6416","deprecated":false,"target":{"function":"EnhWMFReader::ReadEnhWMF","file":"vcl/source/filter/wmf/enhwmf.cxx"}}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}