{"id":"CVE-2017-7870","details":"LibreOffice before 2017-01-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tools::Polygon::Insert function in tools/source/generic/poly.cxx.","modified":"2026-07-08T23:46:56.021743Z","published":"2017-04-14T04:59:00.757Z","related":["SUSE-SU-2017:1821-1","SUSE-SU-2017:2315-1","openSUSE-SU-2024:10983-1"],"database_specific":{"unresolved_ranges":[{"cpes":["cpe:2.3:a:libreoffice:libreoffice:*:beta2:*:*:*:*:*:*"],"extracted_events":[{"last_affected":"5.3.0.0"}],"source":"CPE_RANGE","vendor_product":"libreoffice:libreoffice"},{"extracted_events":[{"fixed":"2017-01-02"}],"source":"DESCRIPTION"}]},"references":[{"type":"WEB","url":"http://www.securitytracker.com/id/1039029"},{"type":"ADVISORY","url":"http://www.debian.org/security/2017/dsa-3837"},{"type":"ADVISORY","url":"http://www.libreoffice.org/about-us/security/advisories/cve-2017-7870/"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/97671"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:1975"},{"type":"ADVISORY","url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=372"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201706-28"},{"type":"FIX","url":"https://github.com/LibreOffice/core/commit/62a97e6a561ce65e88d4c537a1b82c336f012722"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/libreoffice/core","events":[{"introduced":"0"},{"fixed":"62a97e6a561ce65e88d4c537a1b82c336f012722"}],"database_specific":{"source":"REFERENCES"}}],"versions":["libreoffice-5-3-branch-point","libreoffice-5-2-branch-point","libreoffice-5-1-branch-point","libreoffice-5-0-branch-point","libreoffice-4-4-branch-point","libreoffice-4-3-branch-point","sdremote-2.0.0","libreoffice-4-2-branch-point","libreoffice-4-2-milestone-1","libreoffice-4-1-branch-point","libreoffice-4-0-branch-point","libreoffice-3-6-branch-point","libreoffice-3.5.0.0","libreoffice-3-5-branch-point","windows_build_successful_2011_11_08","MELD_LIBREOFFICE_REPOS"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-7870.json","vanir_signatures_modified":"2026-07-08T23:46:56Z","vanir_signatures":[{"signature_version":"v1","source":"https://github.com/libreoffice/core/commit/62a97e6a561ce65e88d4c537a1b82c336f012722","target":{"file":"tools/source/generic/poly.cxx"},"deprecated":false,"digest":{"line_hashes":["22070612361645020329499610670637442537","249548078519129381430523906520815174046","66627152345715727314717051175413444184","183457155979765927682825144003200261694","106853514682002853511463943567446016026","164520669373181017003991742969165080466","262049827953478467901912069566875013880","169435334650410120893404410842814725204","127156561887178819446338029902892638488","290523080986170265811940144313261488470","129517384787695669179361398211531610093","295269351213068409233532661871352164512","296108302739791682043000479602677467115","84299348447492656638703726841172784111","147197914840954722298865082518069312180","252473870175660580243636653292391771538"],"threshold":0.9},"id":"CVE-2017-7870-05518e5e","signature_type":"Line"},{"signature_type":"Function","signature_version":"v1","source":"https://github.com/libreoffice/core/commit/62a97e6a561ce65e88d4c537a1b82c336f012722","target":{"function":"Polygon::Insert","file":"tools/source/generic/poly.cxx"},"deprecated":false,"digest":{"function_hash":"177579632425961738769511052796220908042","length":249},"id":"CVE-2017-7870-71ab297e"},{"signature_type":"Line","signature_version":"v1","source":"https://github.com/libreoffice/core/commit/62a97e6a561ce65e88d4c537a1b82c336f012722","target":{"file":"tools/inc/poly.h"},"deprecated":false,"digest":{"line_hashes":["268423800745431058011912116022712954466","161724590690062240202967858997688713271","254401286068184726806158298447869513049","135877398073884030876425637441777630194"],"threshold":0.9},"id":"CVE-2017-7870-e981ea23"},{"id":"CVE-2017-7870-ff672b92","signature_type":"Function","signature_version":"v1","source":"https://github.com/libreoffice/core/commit/62a97e6a561ce65e88d4c537a1b82c336f012722","target":{"file":"tools/source/generic/poly.cxx","function":"ImplPolygon::ImplSplit"},"deprecated":false,"digest":{"function_hash":"334702242086672512941108974623254879673","length":1319}}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}