It was discovered that Expat, vendored in Coin3D incorrectly handled certain files. An attacker could possibly use this issue to cause a crash or execute arbitrary code.
3.1.4~abc9f50-4ubuntu2+esm23.1.4~abc9f50+dfsg1-1ubuntu0.1~esm23.1.4~abc9f50+dfsg3-2ubuntu0.1~esm1