An XML External Entity (XXE) attack is possible in OpenOffice.org versions 3.3 and 3.4 Beta. This vulnerability exploits the way in which external entities are processed in certain XML components of ODF documents.
8eebd992aa35f4faf62775e9bf55d28de394b1f4f67b8928b0375d38ba17a838