cbcvebase.
CVE-2008-20001
published 2025-08-30

CVE-2008-20001: activePDF WebGrabber version 3.8.2.0 contains a stack-based buffer overflow vulnerability in the GetStatus() method of the APWebGrb.ocx ActiveX control. By…

PriorityP351high7.5CVSS 4.0
AVNACLATPPRNUIAVCHVIHVAHSCNSINSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
EXPLOIT
EPSS
1.02%
59.2th percentile
activePDF WebGrabber version 3.8.2.0 contains a stack-based buffer overflow vulnerability in the GetStatus() method of the APWebGrb.ocx ActiveX control. By passing an overly long string to this method, a remote attacker can execute arbitrary code in the context of the vulnerable process. Although the control is not marked safe for scripting, exploitation is possible via crafted HTML content in Internet Explorer under permissive security settings.

Affected

1 ranges
VendorProductVersion rangeFixed in
activepdfwebgrabber<= 3.8.2.0

Detection & IOCsextracted from sources · hover to see the quote

versionAPWebGrb.ocx 3.8.2.0
commandGetStatus()
  • Monitor for instantiation of the APWebGrb.ocx ActiveX control in Internet Explorer processes, particularly calls to the GetStatus() method with abnormally long string arguments.
  • Flag crafted HTML content that attempts to instantiate the APWebGrb.ocx ActiveX control, especially under permissive Internet Explorer security zone settings.
  • The control is not marked safe for scripting; alert on any attempt to script this control from a web context, as it requires non-default IE security settings to execute.
  • ·Exploitation requires permissive Internet Explorer security settings since the ActiveX control is not marked safe for scripting; default IE configurations would block this attack vector.
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.