The scanning engine before 4.4.4 in F-Prot Antivirus before 6.0.9.0 allows remote attackers to cause a denial of service (engine crash) via a CHM file with a large nb_dir value that triggers an out-of-bounds read.

More... (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3244)