OpenOffice.org 1.1.4 and below suffer from a vulnerability that may allow execution of arbitary code in the context of the user when user opens an hostile document. The bug lies in the way how OpenOffice.org parses Microsoft's Word's DOC file structure.

This vulnerability is now fixed, and there is patches available from the OpenOffice.org project.

Further information is available from OpenOffice.org issue database.