This story was printed from ZDNet Australia.
OpenOffice.org details vulnerability

By Matt Hines, Special to ZDNet
April 14, 2005
URL: http://www.zdnet.com.au/news/security/soa/OpenOffice-org-details-vulnerability/0,130061744,139188308,00.htm


OpenOffice.org, an open-source software maker, has confirmed a buffer overflow issue that could allow remote attacks.

The problem in its freely distributed productivity applications has been fixed, the organisation said late on Tuesday, but no patch has yet been issued.

The flaw, first discovered in late March, according to postings on the group's Web site, is present in OpenOffice Version 1.1.4 and the OpenOffice Version 2.0 beta release of the applications, as well as in earlier versions of those applications.

According to the OpenOffice site, the flaw was found in one specific function of the software and could be triggered by files crafted to exploit it. OpenOffice.org said the flaw may have allowed for remote execution of malicious code on computers running the affected OpenOffice applications.

Security researchers following the issue rated the flaw as relatively serious, with Secunia labelling the vulnerability as "moderately critical," its rating for issues that can compromise systems but that require user interaction in order to be exploited.

The flaw has now been effectively addressed by eliminating coding bugs that created the vulnerability, according to members of the OpenOffice community, the group of open-source software developers that contributes to the expansion of the software.

While OpenOffice contributors said on the site that they have identified and fixed the issue, the group has yet to publicly issue a patch to address the problem.

The ability for OpenOffice software users to fix problems on the fly -- the open-source development model allows collaborators to view code and submit changes such as bug fixes or enhancements -- has been highlighted by the group as one of the advantages of its applications. For instance, rival Microsoft typically issues security patch updates for its Windows products once a month.

