Lilith >_> of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw.
3MF Consortium’s lib3mf library is vulnerable to a use-after-free vulnerability that could allow an
adversary to execute remote code on the victim machine. The lib3mf library is an open-source implementation of the 3MF file format and standard, mainly used for 3D-printing. An attacker could send a target a specially crafted file to create a use-after-free condition. The 3MF standard has been adopted in a…
[[ This is only the beginning! Please visit the blog for the complete entry ]]
Article Link: http://feedproxy.google.com/~r/feedburner/Talos/~3/gVn4Rpr9bRg/vuln-spotlight-3mf-lib-.html