The host is installed with OpenOffice.org 2.x and 3.x before 3.3 and is prone to denial of service vulnerability. A flaw is present in the WW8DopTypography::ReadFromMem function of oowriter, which fails to handle specially crafted typography information in a crafted .DOC file that triggers an out-of-bound write. Successful exploitation may allow a remote unprivileged user to execute arbitrary code ...