CVE-2020-36965
Published: 28 January 2026
Summary
CVE-2020-36965 is a high-severity Stack-based Buffer Overflow (CWE-121) vulnerability in Verypdf (inferred from references). Its CVSS base score is 8.4 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE is ranked at the 4.5th percentile by exploit likelihood (below the median), is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Deeper analysis
CVE-2020-36965 is a local buffer overflow vulnerability (CWE-121) affecting docPrint Pro 8.0, specifically in the 'Add URL' input field. The flaw enables attackers to overwrite memory, including structured exception handlers (SEH), by supplying a crafted malicious payload. This leads to arbitrary code execution, with a CVSS v3.1 base score of 8.4 (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating high impact on confidentiality, integrity, and availability.
A local attacker needs no privileges to exploit this vulnerability: triggering the buffer overflow in the affected input field is sufficient. Successful exploitation allows execution of shellcode, potentially granting full control over the system, as described in the vulnerability details.
Advisories and references, including those from VulnCheck (https://www.vulncheck.com/advisories/docprint-pro-add-url-buffer-overflow-seh-egghunter) and Exploit-DB (https://www.exploit-db.com/exploits/49100), provide proof-of-concept exploits demonstrating SEH overwrite and egghunter techniques. The vendor site (http://www.verypdf.com) is also referenced, though specific patch details are not outlined in the available information.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2020-30884
Vulnerability details
docPrint Pro 8.0 contains a local buffer overflow vulnerability in the 'Add URL' input field that allows attackers to execute arbitrary code by overwriting memory. Attackers can craft a malicious payload that triggers a structured exception handler (SEH) overwrite to execute shellcode and gain remote system access.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Local buffer overflow with SEH overwrite enables arbitrary code execution on the host, directly mapping to exploitation for privilege escalation.
Mitigating Controls (NIST 800-53 r5)
Flaw remediation directly addresses the buffer overflow vulnerability by identifying, reporting, and correcting the specific flaw in docPrint Pro's 'Add URL' input field.
Information input validation enforces checks on the 'Add URL' field to prevent buffer overflows from malicious payloads exceeding bounds.
Memory protection mechanisms like DEP and ASLR mitigate SEH overwrite and arbitrary code execution from the buffer overflow.