CVE-2008-1389
libclamav/chmunpack.c in the chm-parser in ClamAV before 0.94 allows remote attackers to cause a denial of service (application crash) via a malformed CHM file, related to an "invalid memory access."
Date published : 2008-09-04
http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html