CVE-2008-20001
activePDF WebGrabber ActiveX Control Buffer Overflow
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
activePDF WebGrabber version 3.8.2.0 contains a stack-based buffer overflow vulnerability in the GetStatus() method of the APWebGrb.ocx ActiveX control. By passing an overly long string to this method, a remote attacker can execute arbitrary code in the context of the vulnerable process. Although the control is not marked safe for scripting, exploitation is possible via crafted HTML content in Internet Explorer under permissive security settings.
| CWE | CWE-121 |
| Vendor | activepdf |
| Product | webgrabber |
| Published | Aug 30, 2025 |
| Last Updated | Apr 7, 2026 |
Stay Ahead of the Next One
Get instant alerts for activepdf webgrabber
Be the first to know when new unknown vulnerabilities affecting activepdf webgrabber are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
activePDF / WebGrabber
* โค 3.8.2.0
References
raw.githubusercontent.com: https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/activepdf_webgrabber.rb exploit-db.com: https://www.exploit-db.com/exploits/16635 web.archive.org: https://web.archive.org/web/20081219180353/http://www.activepdf.com/products/serverproducts/webgrabber/ support.activepdf.com: https://support.activepdf.com/support/solutions/35000139131 documentation.activepdf.com: https://documentation.activepdf.com/WebGrabber_GS/b_installation/New_Installation.html vulncheck.com: https://www.vulncheck.com/advisories/activepdf-webgrabber-activex-control-buffer-overflow
Credits
MC