Unpatched.ai can make mistakes. Public reports may be added, updated, or removed at any time.
Report ID: 2024-225
An improper input validation issue exists in Microsoft Access, specifically MSACCESS.EXE version 16.0.18025.20214 when opening a specially crafted file. By sending a target the file and convincing them to open it, an attacker could unlikely gain Remote Code Execution (RCE) on the target's computer due to the unpatched issue. However, even if RCE isn't achieved, the crash could result in Denial of Service (DoS) for the target application. In addition, likely due to how Microsoft Access handles recent files, file recovery, and file repair, it is possible the issue could result in a persistent DoS attack, where the application will continue to crash, even after reboot by the target.
ExceptionAddress: 00007ffb0d11a7dd (mso20win32client!CrashWithRecovery+0x000000000000004d) ExceptionCode: c0000005 (Access violation) ExceptionFlags: 00000000NumberParameters: 2 Parameter[0]: 0000000000000001 Parameter[1]: 0000000000000000Attempt to write to address 0000000000000000Child-SP RetAddr : Args to Child : Call Site0000002a`f68f33e0 00007ffb`0d358ad6 : 00000224`01483052 00000000`00000000 00007ffb`0d6faf90 0000002a`f68f3578 : mso20win32client!CrashWithRecovery+0x4d0000002a`f68f3440 00007ffb`d1921ee9 : 00000000`00000016 00000224`acab2ff8 00000000`00000000 00000000`00000016 : mso20win32client!EnableAbortRedirectLiblet::Uninit+0x930000002a`f68f34b0 00007ffb`d1905011 : 00000000`ffffae01 00000224`00000000 00000000`00000000 0000002a`f68f3560 : ucrtbase!raise+0x1d90000002a`f68f3530 00007ff7`4c2acb5a : 00000000`00000003 00000000`00000003 ffffffff`fffffffe 00000224`b62b5ff0 : ucrtbase!abort+0x310000002a`f68f3560 00007ffb`d1921f37 : 00000000`ffffae02 00000224`acab2ff8 00000224`c8e80f90 00000224`acab2ff8 : msaccess!SetEnumIntlView+0x202a0000002a`f68f3590 00007ff7`4c0b61d4 : 00000000`ffffae02 00000000`ffffffff 00007ffb`0d6faf90 00000224`acab2ff0 : ucrtbase!terminate+0x170000002a`f68f35c0 00007ff7`4c14f928 : 0000002a`f68f3678 00000224`acab2ff8 00000224`acab2ff0 0000002a`f68f5c20 : msaccess!JETESLoadProjectTypeLib+0x40d40000002a`f68f3600 00007ff7`4c5dcc4a : 0000002a`f68f3678 00000224`c8e80f90 0000002a`f68f3678 00000000`00000002 : msaccess!JETESLoadProjectTypeLib+0x9d8280000002a`f68f3630 00007ff7`4c5dcb40 : 00000224`ac9ecfe0 0000002a`f68f4538 0000002a`f68f4538 00000000`00000003 : msaccess!AccessLoadString+0x25e9a0000002a`f68f44f0 00007ff7`4c5e3f86 : 00000224`890c1f70 00000000`0000000c 0000002a`f68f7520 00000000`00000001 : msaccess!AccessLoadString+0x25d900000002a`f68f53b0 00007ff7`4c5e340d : 00000000`00000000 00000000`00000000 0000002a`f68f7d30 00000000`00000001 : msaccess!AccessLoadString+0x2d1d60000002a`f68f5b70 00007ff7`4c5dba62 : 00000000`00020102 00000224`c8bbc860 00000000`00008004 00000000`00000000 : msaccess!AccessLoadString+0x2c65d0000002a`f68f7470 00007ff7`4c390d0e : 00000224`959b9f40 0000002a`f68f78b0 0000a335`8668e626 00000000`00000102 : msaccess!AccessLoadString+0x24cb20000002a`f68f7890 00007ff7`4c3cfce5 : 006f0073`006f0072 004a002e`00740066 004e002e`00740065 00760069`00740061 : msaccess!SizeCallback+0xdb8ee0000002a`f68f7a80 00007ff7`4c15c508 : 00000224`c8bbc860 00007ff7`4c8ffde7 00000000`00000003 0000002a`00000000 : msaccess!WizChooseColor+0x3d5f50000002a`f68f7af0 00007ff7`4c94a899 : 00000000`00000000 00000000`00008004 0000002a`f68f8159 00000224`c8bbc860 : msaccess!JETESLoadProjectTypeLib+0xaa4080000002a`f68f7b40 00007ff7`4c5220e6 : 0000002a`f68f7ff8 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!OpenHscrEmbedded+0x9e8290000002a`f68f7fa0 00007ff7`4c0ad380 : 00000224`9ba9eec0 0000002a`f68f8160 00007ffb`d19988c0 0000002a`f68f8160 : msaccess!MSAU_GetSizeList+0x27460000002a`f68f80f0 00007ff7`4c0ac7c0 : 00000000`00000000 00000000`00000000 00000224`9ba9eec0 00000000`00000000 : msaccess!ReleaseAccessIconResource+0x32e800000002a`f68f81c0 00007ff7`4c925b5a : 00000224`9ba9ef18 00000000`00000000 00000224`9ba9eec0 00000000`00000000 : msaccess!ReleaseAccessIconResource+0x322c00000002a`f68f84c0 00007ff7`4c0b0a7e : 00000224`94aced70 0000002a`f68f8bc0 00000224`94aced70 00000000`00000000 : msaccess!OpenHscrEmbedded+0x79aea0000002a`f68f8680 00007ff7`4c0a1de6 : 0000002a`f68f8830 0000002a`f68f8968 00000224`9b98af70 0000002a`f68f8968 : msaccess!ReleaseAccessIconResource+0x3657e0000002a`f68f87d0 00007ff7`4c246d2e : 0000002a`f68f8bc0 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!ReleaseAccessIconResource+0x278e60000002a`f68f88f0 00007ff7`4c242e71 : 0000002a`f68fc790 00000000`00000000 00007ffb`d3b40000 0000002a`f68fe0d0 : msaccess!MSAU_ErrSortStringArray+0x345ce0000002a`f68fc730 00007ff7`4c23cbab : 00000000`00000105 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x307110000002a`f68fdfe0 00007ff7`4c24374a : 00000000`00000000 00000000`00000000 00000000`00000001 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x2a44b0000002a`f68ff6c0 00007ff7`4c50030b : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x30fea0000002a`f68ffbe0 00007ff7`4c50140e : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!GetAccessIntellisenseManager+0x5c8cb0000002a`f68ffd80 00007ff7`4c072612 : 00000000`0000000a 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!GetAccessIntellisenseManager+0x5d9ce0000002a`f68ffe60 00007ffb`d27bdbe7 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!Ordinal59+0x126120000002a`f68ffea0 00007ffb`d3c1fbec : 00000000`00000000 00000000`00000000 000004f0`fffffb30 000004d0`fffffb30 : KERNEL32!BaseThreadInitThunk+0x170000002a`f68ffed0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!RtlUserThreadStart+0x2c