{"id":"CVE-2017-7870","details":"LibreOffice before 2017-01-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tools::Polygon::Insert function in tools/source/generic/poly.cxx.","modified":"2026-04-11T04:59:29.574667Z","published":"2017-04-14T04:59:00.757Z","related":["SUSE-SU-2017:1821-1","SUSE-SU-2017:2315-1","openSUSE-SU-2024:10983-1"],"references":[{"type":"WEB","url":"http://www.securitytracker.com/id/1039029"},{"type":"ADVISORY","url":"http://www.libreoffice.org/about-us/security/advisories/cve-2017-7870/"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/97671"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:1975"},{"type":"ADVISORY","url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=372"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201706-28"},{"type":"ADVISORY","url":"http://www.debian.org/security/2017/dsa-3837"},{"type":"FIX","url":"https://github.com/LibreOffice/core/commit/62a97e6a561ce65e88d4c537a1b82c336f012722"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/libreoffice/core","events":[{"introduced":"0"},{"fixed":"62a97e6a561ce65e88d4c537a1b82c336f012722"}]},{"type":"GIT","repo":"https://github.com/libreoffice/core","events":[{"introduced":"0"},{"fixed":"62a97e6a561ce65e88d4c537a1b82c336f012722"}]}],"versions":["MELD_LIBREOFFICE_REPOS","libreoffice-3-5-branch-point","libreoffice-3-6-branch-point","libreoffice-3.5.0.0","libreoffice-4-0-branch-point","libreoffice-4-1-branch-point","libreoffice-4-2-branch-point","libreoffice-4-2-milestone-1","libreoffice-4-3-branch-point","libreoffice-4-4-branch-point","libreoffice-5-0-branch-point","libreoffice-5-1-branch-point","libreoffice-5-2-branch-point","libreoffice-5-3-branch-point","sdremote-2.0.0","windows_build_successful_2011_11_08"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-7870.json","vanir_signatures_modified":"2026-04-11T04:59:29Z","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"5.3.0.0"}]},{"events":[{"introduced":"0"},{"fixed":"2017-01-02"}]}],"vanir_signatures":[{"signature_type":"Line","digest":{"line_hashes":["22070612361645020329499610670637442537","249548078519129381430523906520815174046","66627152345715727314717051175413444184","183457155979765927682825144003200261694","106853514682002853511463943567446016026","164520669373181017003991742969165080466","262049827953478467901912069566875013880","169435334650410120893404410842814725204","127156561887178819446338029902892638488","290523080986170265811940144313261488470","129517384787695669179361398211531610093","295269351213068409233532661871352164512","296108302739791682043000479602677467115","84299348447492656638703726841172784111","147197914840954722298865082518069312180","252473870175660580243636653292391771538"],"threshold":0.9},"target":{"file":"tools/source/generic/poly.cxx"},"id":"CVE-2017-7870-05518e5e","deprecated":false,"signature_version":"v1","source":"https://github.com/libreoffice/core/commit/62a97e6a561ce65e88d4c537a1b82c336f012722"},{"signature_type":"Function","digest":{"length":249,"function_hash":"177579632425961738769511052796220908042"},"target":{"function":"Polygon::Insert","file":"tools/source/generic/poly.cxx"},"id":"CVE-2017-7870-71ab297e","deprecated":false,"signature_version":"v1","source":"https://github.com/libreoffice/core/commit/62a97e6a561ce65e88d4c537a1b82c336f012722"},{"signature_type":"Line","digest":{"line_hashes":["268423800745431058011912116022712954466","161724590690062240202967858997688713271","254401286068184726806158298447869513049","135877398073884030876425637441777630194"],"threshold":0.9},"target":{"file":"tools/inc/poly.h"},"id":"CVE-2017-7870-e981ea23","deprecated":false,"signature_version":"v1","source":"https://github.com/libreoffice/core/commit/62a97e6a561ce65e88d4c537a1b82c336f012722"},{"signature_type":"Function","digest":{"length":1319,"function_hash":"334702242086672512941108974623254879673"},"target":{"function":"ImplPolygon::ImplSplit","file":"tools/source/generic/poly.cxx"},"id":"CVE-2017-7870-ff672b92","deprecated":false,"signature_version":"v1","source":"https://github.com/libreoffice/core/commit/62a97e6a561ce65e88d4c537a1b82c336f012722"}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}