Core Security Technologies Advisory – Google SketchUp is a 3D modeling program designed for architects, civil engineers, filmmakers, game developers, and related professions. Google SketchUp bundles an old version of ‘lib3ds’, a library used to process 3DS files. This library is being compiled in a way that leads to improper validation of data when importing 3DS files; this condition can be exploited by remote attackers to trigger a memory corruption vulnerability by enticing an unsuspecting user to open a specially crafted 3DS file, possibly leading to arbitrary code execution.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/85100/CORE-2009-1209.txt
Source: https://packetstormsecurity.com/files/85100/Core-Security-Technologies-Advisory-2009.1209.html