Red Hat Bugzilla – Bug 814223
libreoffice (X >= 3.5.0): DoS (excessive CPU use) in RTF tokenizer by processing certain RTF files
Last modified: 2015-08-22 02:32:29 EDT
A denial of service flaw was found in the way the LibreOffice RTF Tokenizer used to resolve certain keywords being present in the Rich Text Format (RTF) document. A remote attacker could provide a specially-crafted RTF file, which once opened by a local, unsuspecting LibreOffice tools suite user would lead to excessive CPU usage by the tool used for opening that file.
Upstream bug report:
Upstream patch (against 3.5 branch):
This issue did NOT affect the versions of the openoffice.org package, as shipped with Red Hat Enterprise Linux 5 and 6.
This issue did NOT affect the versions of the libreoffice package, as shipped with Fedora release of 15 and 16.