Atomic Alarm Clock Stack Overflow Vulnerability Allowing Arbitrary Code Execution

A stack overflow vulnerability has been identified in Atomic Alarm Clock version 6.3. This vulnerability allows local attackers to execute arbitrary code by sending a malicious string to the display name textbox within the Time Zones Clock configuration. Exploitation involves crafting a buffer that overwrites the structured exception handling (SEH) chain, bypasses SafeSEH protections, and executes arbitrary commands with the privileges of the application.

Impact

Exploitation of this vulnerability leads to a stack-based buffer overflow, allowing for arbitrary code execution with application privileges.

Reproduction

The vulnerability can be reproduced by installing Atomic Alarm Clock 6.3 on a Windows 10 Pro 1909 (x86) system. After opening the application, the exploit can be executed by pasting a crafted buffer into the display name textbox of the Time Zones Clock configuration. This buffer should be designed to overwrite the SEH chain and include encoded shellcode that will be executed once the overflow is triggered.