The host is installed with Apache OpenOffice before 4.1.15 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to properly handle overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. Successful exploitation allows attackers to have unspecified impact.