https://bugs.documentfoundation.org/show_bug.cgi?id=86879

Enrico Zini <[email protected]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Severity|major                       |normal

--- Comment #23 from Enrico Zini <[email protected]> ---
I can still reproduce the issue with the version of Libreoffice in Debian
Bookworm, and I have no access to newer versions:

Version: 7.4.7.2 / LibreOffice Community
Build ID: 40(Build:2)
CPU threads: 4; OS: Linux 6.1; UI render: default; VCL: gtk3
Locale: en-IE (en_IE.UTF-8); UI: en-US
Debian package version: 4:7.4.7-1+deb12u4
Calc: threaded

Reproducing this issue is trivial: run lowriter crash.doc

Even if the .doc file is invalid, libreoffice should refuse to open it instead
of entering an infinite busy-loop.

This could potentially be remotely exploited for DoS attacks for sites that use
libreoffice as a backend for conversion of user-provided documents, as it can
be reproduced with:

loffice --headless --convert-to txt:Text crash.doc

I am not however knowledgeable enough of the triaging process to make this an
issue of major importance.

It's becoming rather frustrating to revalidate this issue, trivially
reproducible after 10 years, while the bot regularly attempts to close it.

-- 
You are receiving this mail because:
You are the assignee for the bug.

Reply via email to