The host is installed with OpenOffice.org 3.x before 3.3 and is prone to security vulnerability. A flaw is present in soffice component of the application, which places a zero-length directory name in the LD_LIBRARY_PATH failing to check the legitimate version. Successful exploitation allows attacker to inject custom code that will be run with the privilege of the program or user executing the program.