openoffice.org is vulnerable to arbitrary code execution. The vulnerability exist as a directory traversal flaw was found in the way OpenOffice.org handled the installation of XSLT filter descriptions packaged in Java Archive (JAR) files, as well as the installation of OpenOffice.org Extension (.oxt) files. An attacker could use these flaws to create a specially-crafted XSLT filter description or extension file that, when opened, would cause the OpenOffice.org Extension Manager to modify files accessible to the user installing the JAR or extension file.
osvdb.org/70711
secunia.com/advisories/40775
secunia.com/advisories/42999
secunia.com/advisories/43065
secunia.com/advisories/43105
secunia.com/advisories/43118
secunia.com/advisories/60799
ubuntu.com/usn/usn-1056-1
www.debian.org/security/2011/dsa-2151
www.gentoo.org/security/en/glsa/glsa-201408-19.xml
www.mandriva.com/security/advisories?name=MDVSA-2011:027
www.openoffice.org/security/cves/CVE-2010-3450.html
www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html
www.redhat.com/support/errata/RHSA-2011-0181.html
www.redhat.com/support/errata/RHSA-2011-0182.html
www.securityfocus.com/bid/46031
www.securitytracker.com/id?1025002
www.vupen.com/english/advisories/2011/0230
www.vupen.com/english/advisories/2011/0232
www.vupen.com/english/advisories/2011/0279
access.redhat.com/errata/RHSA-2011:0182
access.redhat.com/security/updates/classification/#important
bugzilla.redhat.com/show_bug.cgi?id=602324