cpe:/a:xpdfreader:xpdf:4.00 CVE-2018-8104 2018-03-13T23:29:00.407-04:00 2019-10-02T20:03:26.223-04:00 4.3 NETWORK MEDIUM NONE NONE NONE PARTIAL http://nvd.nist.gov 2018-03-30T18:13:33.463-04:00 MISC https://forum.xpdfreader.com/viewtopic.php?f=3&t=652 The BufStream::lookChar function in Stream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.