CVE-2013-6497
clamscan in ClamAV before 0.98.5, when using -a option, allows remote attackers to cause a denial of service (crash) as demonstrated by the jwplayer.js file.
Date published : 2014-12-01
http://www.securityfocus.com/bid/71178
http://blog.clamav.net/2014/11/clamav-0985-has-been-released.html