https://issues.apache.org/bugzilla/show_bug.cgi?id=54764
Bug ID: 54764
Summary: XSSF : Vulnerable to entity expansion attack
Product: POI
Version: 3.9
Hardware: PC
OS: Linux
Status: NEW
Severity: normal
Priority: P2
Component: XSSF
Assignee: [email protected]
Reporter: [email protected]
Classification: Unclassified
Created attachment 30114
--> https://issues.apache.org/bugzilla/attachment.cgi?id=30114&action=edit
Document which demonstrates entity expansion attack. Do not carelessly open.
It is possible to cripple a system which is parsing xml based Office docs using
an entity expansion attack. I've attached a simple billion laughs example
.xlsx file. Please note that this document IS MALICIOUS. Do not try to parse
the contained XML files unless you feel like DoSing your own machine.
I'll also include a patch file which contains a possible solution. It may be a
bit controversial as it will tend to discard an entire document if it detects
that any part of it violates reasonable security rules. That being said, it's
well suited to my use case and I thought I'd share. Some kind soul may,
perhaps, refactor it into configurable behaviour.
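As an added illustration (not code from the bug report, the attached patch or POI itself), the shape of the attached payload and a package-level check in the spirit of the reporter's approach: walk every XML part of the package and discard the whole document if any part carries a DOCTYPE or entity declaration, which OOXML parts never legitimately do. Python's expat is used in place of POI's Java XML stack; the minimal zip layout, the entity names and the small depth are constructed for the demo.

```python
import io
import zipfile
import xml.parsers.expat


def billion_laughs_xml(depth=4, fanout=10, base="lol"):
    """Build a billion-laughs worksheet part (constructed sample).

    Entity lolN expands to `fanout` copies of lol(N-1), so the single
    reference inside <v> expands to len(base) * fanout**depth characters.
    depth=4 keeps this demo at 30 kB of output; a real payload uses a
    depth around 9 to reach gigabytes.
    """
    decls = ['<!ENTITY lol0 "%s">' % base]
    for level in range(1, depth + 1):
        refs = "".join("&lol%d;" % (level - 1) for _ in range(fanout))
        decls.append('<!ENTITY lol%d "%s">' % (level, refs))
    dtd = "<!DOCTYPE worksheet [\n" + "\n".join(decls) + "\n]>"
    body = ("<worksheet><sheetData><row><c><v>&lol%d;</v></c></row>"
            "</sheetData></worksheet>" % depth)
    return '<?xml version="1.0"?>\n' + dtd + "\n" + body


def expansion_size(depth, fanout, base_len):
    """Characters the final entity reference produces, computed without expanding it."""
    return base_len * fanout ** depth


def naive_expanded_length(xml_text):
    """Parse with no protections and count the character data actually produced."""
    produced = [0]

    def on_chars(data):
        produced[0] += len(data)

    parser = xml.parsers.expat.ParserCreate()
    parser.CharacterDataHandler = on_chars
    parser.Parse(xml_text, True)
    return produced[0]


class UnsafeXmlError(Exception):
    """Raised when an XML part violates the no-DTD rule."""


def check_xml_part(data):
    """Reject any DOCTYPE or entity declaration before a single entity is expanded.

    expat reports the declaration itself, which precedes the body, so the
    parser aborts before it ever reaches the expanding reference.
    """
    parser = xml.parsers.expat.ParserCreate()

    def on_doctype(name, sysid, pubid, has_internal_subset):
        raise UnsafeXmlError("DOCTYPE %r not allowed in an OOXML part" % name)

    def on_entity_decl(name, is_param, value, base, sysid, pubid, notation):
        raise UnsafeXmlError("entity declaration %r not allowed" % name)

    parser.StartDoctypeDeclHandler = on_doctype
    parser.EntityDeclHandler = on_entity_decl
    parser.Parse(data, True)


BENIGN_SHEET = ('<?xml version="1.0"?><worksheet><sheetData><row><c><v>1</v>'
                '</c></row></sheetData></worksheet>')


def build_package(sheet_xml):
    """Minimal zip standing in for an .xlsx (constructed; not a valid workbook)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("[Content_Types].xml", '<?xml version="1.0"?><Types/>')
        zf.writestr("xl/workbook.xml", '<?xml version="1.0"?><workbook/>')
        zf.writestr("xl/worksheets/sheet1.xml", sheet_xml)
    return buf.getvalue()


def find_unsafe_parts(package):
    """Names of XML parts that break the rule.

    A non-empty result means the caller drops the whole package, the
    all-or-nothing behaviour the reporter describes for the patch.
    Malformed XML is treated as an offender as well.
    """
    offenders = []
    with zipfile.ZipFile(io.BytesIO(package)) as zf:
        for name in zf.namelist():
            if not name.lower().endswith((".xml", ".rels")):
                continue
            try:
                check_xml_part(zf.read(name))
            except (UnsafeXmlError, xml.parsers.expat.ExpatError):
                offenders.append(name)
    return offenders


if __name__ == "__main__":
    payload = billion_laughs_xml(depth=4)
    print("payload bytes:", len(payload))
    print("expansion predicted:", expansion_size(4, 10, 3))
    print("expansion observed:", naive_expanded_length(payload))
    print("unsafe parts:", find_unsafe_parts(build_package(payload)))
    print("unsafe parts (benign):", find_unsafe_parts(build_package(BENIGN_SHEET)))
```

The point of checking at the declaration rather than capping output is that the parser never does any of the attacker's work: with depth=4 a payload of a few hundred bytes already yields 30,000 characters, and the amplification is exponential in depth, so a size-based limit still lets the parser burn CPU and memory up to whatever the cap is.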