diff --git a/poi-scratchpad/src/main/java/org/apache/poi/hwpf/converter/AbstractWordUtils.java b/poi-scratchpad/src/main/java/org/apache/poi/hwpf/converter/AbstractWordUtils.java
index dc996af43d..9ef569fc6b 100644
--- a/poi-scratchpad/src/main/java/org/apache/poi/hwpf/converter/AbstractWordUtils.java
+++ b/poi-scratchpad/src/main/java/org/apache/poi/hwpf/converter/AbstractWordUtils.java
@@ -240,6 +240,11 @@ public class AbstractWordUtils {
                     }
                 }
 
+                // ensure the format does not grow too large, number-format
+                // can be roman-numbers, where very large numbers would have
+                // very many "M" and thus may cause memory to overload
+                IOUtils.safelyAllocateCheck(num, MAX_BULLET_BUFFER_SIZE/10);
+
                 bulletBuffer.append( NumberFormatter.getNumber( num,
                         list.getNumberFormat( level ) ) );
             } else {
diff --git a/test-data/document/clusterfuzz-testcase-minimized-POIHWPFFuzzer-5195207308541952.doc b/test-data/document/clusterfuzz-testcase-minimized-POIHWPFFuzzer-5195207308541952.doc
new file mode 100644
index 0000000000..1d36046066
Binary files /dev/null and b/test-data/document/clusterfuzz-testcase-minimized-POIHWPFFuzzer-5195207308541952.doc differ
diff --git a/test-data/spreadsheet/stress.xls b/test-data/spreadsheet/stress.xls
index 790188dda0..ab8a975ae8 100644
Binary files a/test-data/spreadsheet/stress.xls and b/test-data/spreadsheet/stress.xls differ