In this paper the authors uncover and demonstrate a novel and interesting way to convert local bugs and features in remotely exploitable security vulnerabilities by using the well known Steam3 platform as an attack vector against remote systems.
You can download it from the following link: https://packetstormsecurity.com/files/download/117405/ReVuln_Steam_Browser_Protocol_Insecurity.pdf
Source: https://packetstormsecurity.com/files/117405/Steam-Browser-Protocol-Insecurity.html