CVEs-PoC/2017/CVE-2017-7246.md

### [CVE-2017-7246](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7246)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 268) or possibly have unspecified other impact via a crafted file.

### POC

#### Reference
- https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/

#### Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/PajakAlexandre/wik-dps-tp02
- https://github.com/cdupuis/image-api
- https://github.com/flyrev/security-scan-ci-presentation
- https://github.com/fokypoky/places-list
- https://github.com/garethr/snykout
- https://github.com/yfoelling/yair