The host is installed with Apache OpenOffice 4.x before 4.1.8 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle unrestricted actions in a crafted document. Successful exploitation could allow an attacker to construct documents containing hyperlinks pointing to an executable on the target users file system.