Unpatched.ai can make mistakes. Public reports may be added, updated, or removed at any time.
Report ID: 2024-222
An improper input validation issue exists in Microsoft Access, specifically MSACCESS.EXE version 16.0.18025.20214 when opening a specially crafted file. By sending a target the file and convincing them to open it, an attacker could unlikely gain Remote Code Execution (RCE) on the target's computer due to the unpatched issue. However, even if RCE isn't achieved, the crash could result in Denial of Service (DoS) for the target application. In addition, likely due to how Microsoft Access handles recent files, file recovery, and file repair, it is possible the issue could result in a persistent DoS attack, where the application will continue to crash, even after reboot by the target.
ExceptionAddress: 00007ffb0d11a7dd (mso20win32client!CrashWithRecovery+0x000000000000004d) ExceptionCode: c0000005 (Access violation) ExceptionFlags: 00000000NumberParameters: 2 Parameter[0]: 0000000000000001 Parameter[1]: 0000000000000000Attempt to write to address 0000000000000000Child-SP RetAddr : Args to Child : Call Site00000045`cc913040 00007ffb`0d358ad6 : 0000017b`01483052 00000000`00000000 00007ffb`0d6faf90 00000045`cc9131d8 : mso20win32client!CrashWithRecovery+0x4d00000045`cc9130a0 00007ffb`d1921ee9 : 00000000`00000016 0000017b`21bc3ff0 00000000`00000000 00000000`00000016 : mso20win32client!EnableAbortRedirectLiblet::Uninit+0x9300000045`cc913110 00007ffb`d1905011 : 00000000`ffff9d01 0000017b`00000000 00000000`00000000 00000045`cc9131c0 : ucrtbase!raise+0x1d900000045`cc913190 00007ff7`4c2acb5a : 00000000`00000003 00000000`00000003 ffffffff`fffffffe 0000017b`21c8dff0 : ucrtbase!abort+0x3100000045`cc9131c0 00007ffb`d1921f37 : 00000000`ffff9d0d 0000017b`21bc3ff0 0000017b`0de2cf90 0000017b`21bc3ff0 : msaccess!SetEnumIntlView+0x202a00000045`cc9131f0 00007ff7`4c0b61d4 : 00000000`ffff9d0d 00000000`ffffffff 00007ffb`0d6faf90 0000017b`21bc3f90 : ucrtbase!terminate+0x1700000045`cc913220 00007ff7`4c14f928 : 00000045`cc9132d8 0000017b`21bc3ff0 0000017b`21bc3f90 00000045`cc915880 : msaccess!JETESLoadProjectTypeLib+0x40d400000045`cc913260 00007ff7`4c5dcc4a : 00000045`cc9132d8 0000017b`0de2cf90 00000045`cc9132d8 00000000`00000003 : msaccess!JETESLoadProjectTypeLib+0x9d82800000045`cc913290 00007ff7`4c5dcb40 : 0000017b`05754ff0 00000045`cc914198 00000045`cc914198 00000000`00000001 : msaccess!AccessLoadString+0x25e9a00000045`cc914150 00007ff7`4c5e3f86 : 0000017b`59f41f70 00000000`0000000c 00000045`cc917180 00000000`00000001 : msaccess!AccessLoadString+0x25d9000000045`cc915010 00007ff7`4c5e340d : 00000000`00000000 00000000`00000000 00000045`cc917990 00000000`00000001 : msaccess!AccessLoadString+0x2d1d600000045`cc9157d0 00007ff7`4c5dba62 : 00000000`00020102 0000017b`15480860 00000000`00008000 00000000`00000000 : msaccess!AccessLoadString+0x2c65d00000045`cc9170d0 00007ff7`4c390d0e : 0000017b`27770f40 00000045`cc917510 0000defc`81f812e6 00000000`00000102 : msaccess!AccessLoadString+0x24cb200000045`cc9174f0 00007ff7`4c3cfce5 : 006f0073`006f0072 004a002e`00740066 004e002e`00740065 00760069`00740061 : msaccess!SizeCallback+0xdb8ee00000045`cc9176e0 00007ff7`4c15c508 : 0000017b`15480860 00007ff7`4c8ffde7 00000000`00000003 00000045`00000000 : msaccess!WizChooseColor+0x3d5f500000045`cc917750 00007ff7`4c94a899 : 00000000`00000000 00000000`00008000 00000045`cc917db9 0000017b`15480860 : msaccess!JETESLoadProjectTypeLib+0xaa40800000045`cc9177a0 00007ff7`4c5220b5 : 00000045`cc917c58 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!OpenHscrEmbedded+0x9e82900000045`cc917c00 00007ff7`4c0ad380 : 0000017b`07530ec0 00000045`cc917dc0 00007ffb`d19988c0 00000045`cc917dc0 : msaccess!MSAU_GetSizeList+0x271500000045`cc917d50 00007ff7`4c0ac7c0 : 00000000`00000000 00000000`00000000 0000017b`07530ec0 00000000`00000000 : msaccess!ReleaseAccessIconResource+0x32e8000000045`cc917e20 00007ff7`4c925b5a : 0000017b`07530f18 00000000`00000000 0000017b`07530ec0 00000000`00000000 : msaccess!ReleaseAccessIconResource+0x322c000000045`cc918120 00007ff7`4c0b0a7e : 0000017b`65942d70 00000045`cc918820 0000017b`65942d70 00000000`00000000 : msaccess!OpenHscrEmbedded+0x79aea00000045`cc9182e0 00007ff7`4c0a1de6 : 00000045`cc918490 00000045`cc9185c8 0000017b`1a606f70 00000045`cc9185c8 : msaccess!ReleaseAccessIconResource+0x3657e00000045`cc918430 00007ff7`4c246d2e : 00000045`cc918820 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!ReleaseAccessIconResource+0x278e600000045`cc918550 00007ff7`4c242e71 : 00000045`cc91c3f0 00000000`00000000 00007ffb`d3b40000 00000045`cc91dd30 : msaccess!MSAU_ErrSortStringArray+0x345ce00000045`cc91c390 00007ff7`4c23cbab : 00000000`00000105 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x3071100000045`cc91dc40 00007ff7`4c24374a : 00000000`00000000 00000000`00000000 00000000`00000001 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x2a44b00000045`cc91f320 00007ff7`4c50030b : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x30fea00000045`cc91f840 00007ff7`4c50140e : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!GetAccessIntellisenseManager+0x5c8cb00000045`cc91f9e0 00007ff7`4c072612 : 00000000`0000000a 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!GetAccessIntellisenseManager+0x5d9ce00000045`cc91fac0 00007ffb`d27bdbe7 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!Ordinal59+0x1261200000045`cc91fb00 00007ffb`d3c1fbec : 00000000`00000000 00000000`00000000 000004f0`fffffb30 000004d0`fffffb30 : KERNEL32!BaseThreadInitThunk+0x1700000045`cc91fb30 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!RtlUserThreadStart+0x2c