On my latest update of the git repository Symantic anti-virus found BloodHound.Exploit314 in the file LayoutTests\fast\images\resources\large-size-image-crash.jpeg http://securityresponse.symantec.com/security_response/writeup.jsp?docid=2010-022301-5155-99&tabid=2 I suspect that is related to a test case but it does not seem correct for the download of the source to trigger a Trojan horse detection.
The "Bloodhound" class of detections is a heuristic alarm, rather than a detection of a specific malware threat. Likely, there is a crasher test case in the layout tests that's similar enough to a real-world exploit that it's triggering a false positive.
I added this in http://trac.webkit.org/changeset/62399 and this is a legitimate usecase to test image overflow.
(In reply to comment #2) > I added this in http://trac.webkit.org/changeset/62399 and this is a legitimate usecase to test image overflow. That was for Bug 41487.
*** Bug 48968 has been marked as a duplicate of this bug. ***
Can this be moved out of Security component?
Yes, it certainly can.
*** Bug 49537 has been marked as a duplicate of this bug. ***
At Matt and Abhishek implied, this is something Symantec would need to resolve. This is not the first time our regression tests confuse antivirus software.