PT-2017-2096 · Document Foundation+3 · Libreoffice+3

Publicado

2017-02-16

·

Atualizado

2024-06-15

·

CVE-2016-10327

CVSS v3.1

9.8

Crítica

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions LibreOffice versions prior to 2016-12-22
Description The issue is caused by a heap-based buffer overflow related to the EnhWMFReader::ReadEnhWMF function in vcl/source/filter/wmf/enhwmf.cxx. This can lead to an out-of-bounds write, potentially allowing a remote attacker to execute arbitrary code.
Recommendations For versions prior to 2016-12-22, update to a version released after 2016-12-22 to resolve the issue. As a temporary workaround, consider disabling the EnhWMFReader::ReadEnhWMF function until a patch is available.

Correção

Out of bounds Read

Memory Corruption

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-125CWE-787

Identificadores relacionados

ALT-PU-2017-1170
BDU:2017-01264
CVE-2016-10327
OPENSUSE-SU-2024:10983-1
SUSE-SU-2017:1821-1
SUSE-SU-2017:2315-1
USN-3273-1

Produtos afetados

Alt Linux
Libreoffice
Suse
Ubuntu