CVE-2016-10327 in Ubuntu

CVE-2016-10327

Priority

Medium

Description

LibreOffice before 2016-12-22 has an out-of-bounds write caused by a
heap-based buffer overflow related to the EnhWMFReader::ReadEnhWMF function
in vcl/source/filter/wmf/enhwmf.cxx.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10327
http://www.ubuntu.com/usn/usn-3273-1

Bugs

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=313

Package

Source: libreoffice (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 17.10 (Artful Aardvark):	not-affected (1:5.3.1-0ubuntu2)
Ubuntu 14.04 LTS (Trusty Tahr):	not-affected (code not present)
Ubuntu Core 15.04:	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	released (1:5.1.6~rc2-0ubuntu1~xenial2)
Ubuntu 17.04 (Zesty Zapus):	not-affected (1:5.3.1-0ubuntu2)

Patches:

Upstream:

https://github.com/LibreOffice/core/commit/7485fc2a1484f31631f62f97e5c64c0ae74c6416

Package

Source: openoffice.org (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 17.10 (Artful Aardvark):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu Core 15.04:	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE

More Information

Updated: 2017-08-11 23:54:20 UTC (commit 13081)