Successful exploitation of the vulnerabilities could lead to the execution of arbitrary code on a system with the privileges of a local user. For an attack to be successful, a victim must first open a specially crafted Open Document Format (ODF) file. Versions up to and including LibreOffice 3.5.4 are affected; upgrading to version 3.5.5 or later fixes these problems. All users are advised to upgrade.
The developers note that the 3.6.0 release of LibreOffice also closes these holes. However, at the time of writing, this version has yet to be released only the fourth release candidate is available.