{"id":"CVE-2017-7870","details":"LibreOffice before 2017-01-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tools::Polygon::Insert function in tools/source/generic/poly.cxx.","modified":"2026-04-11T12:03:14.782652Z","published":"2017-04-14T04:59:00.757Z","related":["SUSE-SU-2017:1821-1","SUSE-SU-2017:2315-1","openSUSE-SU-2024:10983-1"],"database_specific":{"unresolved_ranges":[{"extracted_events":[{"last_affected":"5.3.0.0"}],"source":"CPE_FIELD","cpe":"cpe:2.3:a:libreoffice:libreoffice:*:beta2:*:*:*:*:*:*"},{"source":"DESCRIPTION","extracted_events":[{"fixed":"2017-01-02"}]}]},"references":[{"type":"WEB","url":"http://www.securitytracker.com/id/1039029"},{"type":"ADVISORY","url":"http://www.debian.org/security/2017/dsa-3837"},{"type":"ADVISORY","url":"http://www.libreoffice.org/about-us/security/advisories/cve-2017-7870/"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/97671"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:1975"},{"type":"ADVISORY","url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=372"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201706-28"},{"type":"FIX","url":"https://github.com/LibreOffice/core/commit/62a97e6a561ce65e88d4c537a1b82c336f012722"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/libreoffice/core","events":[{"introduced":"0"},{"fixed":"62a97e6a561ce65e88d4c537a1b82c336f012722"}],"database_specific":{"source":"REFERENCES"}}],"versions":["MELD_LIBREOFFICE_REPOS","libreoffice-3-5-branch-point","libreoffice-3-6-branch-point","libreoffice-3.5.0.0","libreoffice-4-0-branch-point","libreoffice-4-1-branch-point","libreoffice-4-2-branch-point","libreoffice-4-2-milestone-1","libreoffice-4-3-branch-point","libreoffice-4-4-branch-point","libreoffice-5-0-branch-point","libreoffice-5-1-branch-point","libreoffice-5-2-branch-point","libreoffice-5-3-branch-point","sdremote-2.0.0","windows_build_successful_2011_11_08"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-7870.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}