Ubuntu Security Notice 949-1 – Marc Schoenefeld discovered that OpenOffice.org would run document macros from the macro browser, even when macros were disabled. If a user were tricked into opening a specially crafted document and examining a macro, a remote attacker could execute arbitrary code with user privileges.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/90393/USN-949-1.txt
Source: https://packetstormsecurity.com/files/90393/Ubuntu-Security-Notice-949-1.html