Buffer overflow on CHM format parsing.
vulners.com/securityvulns/securityvulns:doc:6489
vulners.com/securityvulns/securityvulns:doc:6495