http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0619 "chmlib before 0.39 allows user-assisted remote attackers to execute arbitrary code via a crafted page block length in a CHM file, which triggers memory corruption." FC5+ seemingly affected.
Thanks for mentioning this. I uploaded new version into FE several minutes ago. Let's wait a little )