The host is installed with OpenOffice.org 2.x and 3.x before 3.3 and is prone to use-after-free vulnerability. A flaw is present in oowriter, which fails to properly sanitize user-supplied input. Successful exploitation may allow a remote unprivileged user to execute arbitrary code on the system with the privileges of a local user running OpenOffice.org.