Secunia

Some vulnerabilities have been reported in OpenOffice.org, which potentially can be exploited by malicious people to compromise a user's system.

1) Several vulnerabilities within the libwpd library used by OpenOffice.org can be exploited to cause heap-based buffer overflows and may allow the execution of arbitrary code by e.g. tricking a user into opening a specially crafted WordPerfect document.

This affects 2.x versions prior to 2.2 only.

For more information:
SA24507

2) A boundary error within the StarCalc parser can be exploited to cause a stack-based buffer overflow and may allow execution of arbitrary code by e.g. tricking a user into opening a specially crafted document.

3) Shell meta characters are not correctly escaped, which can be exploited to inject and execute arbitrary shell commands by e.g. tricking a user into opening a specially crafted document and clicking a malicious link.

Reportedly, this does not affected Windows systems.

Solution
Update to version 2.2 or apply patches.

Provided and/or discovered by
1) Originally discovered by an anonymous researcher. Further research by Sean Larsson from iDefense revealed additional vulnerabilities.
2) John Heasman, Next Generation Security.
3) Reported in a Debian advisory.

Changelog
Further details available in Customer Area

Original Advisory
http://www.debian.org/security/2007/dsa-1270
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=490

http://www.openoffice.org/security/CVE-2007-2.html
http://www.openoffice.org/security/CVE-2007-0238
http://www.openoffice.org/security/CVE-2007-0239.html

Deep Links
Links available in Customer Area