aSc Timetables 2017 - Buffer Overflow

Exploit Datenbank (exploit-db.com)
CVE Datenbank (cve.mitre.org)
Ruben Garrote Garca 12.01.2017 Verified Wait Vulnerable-App
Local Exploits Windows

Exploit Code

Code Download 
# Exploit Title: aSc Timetables 2017 input field buffer overflow and code execution
# Date: 2017-01-12
# Exploit Author: Peter Baris
# Exploit code: http://saptech-erp.com.au/resources/Timetables.zip
# Exploit documentation: http://saptech-erp.com.au/resources/TimeTables_2017.pdf
# Software Link: http://www.asctimetables.com/download/aScTimeTables.exe  
# Version: 1.0.0.1
# Tested on: Windows Server 2008 R2 x64, Windows 7 Pro x64, Windows Server 2012 R2 x64, Windows Server 2016 x64

POC:

https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/41031.zip