LibreOffice before 2016-12-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the EnhWMFReader::ReadEnhWMF function in vcl/source/filter/wmf/enhwmf.cxx.
{
"unresolved_ranges": [
{
"vendor_product": "libreoffice:libreoffice",
"cpes": [
"cpe:2.3:a:libreoffice:libreoffice:*:beta2:*:*:*:*:*:*"
],
"source": "CPE_RANGE",
"extracted_events": [
{
"last_affected": "5.3.0.0"
}
]
},
{
"source": "DESCRIPTION",
"extracted_events": [
{
"fixed": "2016-12-22"
}
]
}
]
}[
{
"digest": {
"line_hashes": [
"334053160755383975859705809270790090599",
"34034932267292955216499041347490474619",
"48980431915421534421871362110824146609",
"6608963929227775552552095468522078752",
"283900924918008700993223423756679953920",
"333079618261165919802139808131331063063",
"241931808347815321270186246937817161404",
"221376714366991152167600797032763298481",
"19056356198047102999527290008840291531",
"145803185700566884705377919326943751767",
"159286291030143378254486357485998754256"
],
"threshold": 0.9
},
"id": "CVE-2016-10327-1681ef8b",
"signature_type": "Line",
"deprecated": false,
"signature_version": "v1",
"source": "https://github.com/libreoffice/core/commit/7485fc2a1484f31631f62f97e5c64c0ae74c6416",
"target": {
"file": "vcl/source/filter/wmf/enhwmf.cxx"
}
},
{
"digest": {
"length": 30327.0,
"function_hash": "284193747462724565906558809339168579976"
},
"id": "CVE-2016-10327-1c06df17",
"signature_type": "Function",
"deprecated": false,
"signature_version": "v1",
"source": "https://github.com/libreoffice/core/commit/7485fc2a1484f31631f62f97e5c64c0ae74c6416",
"target": {
"function": "EnhWMFReader::ReadEnhWMF",
"file": "vcl/source/filter/wmf/enhwmf.cxx"
}
}
]
"2026-07-08T23:46:40Z"
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-10327.json"