Apache OpenOffice before 4.1.1 allows remote attackers to execute arbitrary commands and possibly have other unspecified impact via a crafted Calc spreadsheet.
https://security.gentoo.org/glsa/201603-05
https://exchange.xforce.ibmcloud.com/vulnerabilities/95421
http://www.openoffice.org/security/cves/CVE-2014-3524.html
http://blog.documentfoundation.org/2014/08/28/libreoffice-4-3-1-fresh-announced/