What is CVE-2008-20001?

CVE-2008-20001 is a vulnerability in Activepdf Webgrabber, classified under Stack-based Buffer Overflow. Published 2025-08-30.

Is CVE-2008-20001 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in Activepdf Webgrabber

CVE-2008-20001

activePDF WebGrabber version 3.8.2.0 contains a stack-based buffer overflow vulnerability in the GetStatus() method of the APWebGrb.ocx ActiveX control. By passing an overly long string to this method, a remote attacker can execute arbitra…

Vulnerability class: Buffer Overflow

EPSS: 0.612 (98.3th percentile) — read the EPSS interpretation.

Affected products

Activepdf Webgrabber — versions 0

Weakness classification (CWE)

CWE-121 — Stack-based Buffer Overflow

Public proof-of-concept exploits

References

raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/w… (exploit)
www.exploit-db.com/exploits/16635 (exploit)
web.archive.org/web/20081219180353/http://www.activepdf.com/products/serverprod… (product)
support.activepdf.com/support/solutions/35000139131 (product)
documentation.activepdf.com/WebGrabber_GS/b_installation/New_Installation.html (product)
www.vulncheck.com/advisories/activepdf-webgrabber-activex-control-buffer-overfl… (third-party-advisory)

Frequently asked questions

What is CVE-2008-20001?: CVE-2008-20001 is a vulnerability in Activepdf Webgrabber, classified under Stack-based Buffer Overflow. Published 2025-08-30.
Is CVE-2008-20001 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.