Unpatched.ai can make mistakes. Public reports may be added, updated, or removed at any time.
Report ID: 2024-227
An improper input validation issue exists in Microsoft Access, specifically MSACCESS.EXE version 16.0.18025.20214 when opening a specially crafted file. By sending a target the file and convincing them to open it, an attacker could unlikely gain Remote Code Execution (RCE) on the target's computer due to the unpatched issue. However, even if RCE isn't achieved, the crash could result in Denial of Service (DoS) for the target application. In addition, likely due to how Microsoft Access handles recent files, file recovery, and file repair, it is possible the issue could result in a persistent DoS attack, where the application will continue to crash, even after reboot by the target.
ExceptionAddress: 00007ffb0d11a7dd (mso20win32client!CrashWithRecovery+0x000000000000004d) ExceptionCode: c0000005 (Access violation) ExceptionFlags: 00000000NumberParameters: 2 Parameter[0]: 0000000000000001 Parameter[1]: 0000000000000000Attempt to write to address 0000000000000000Child-SP RetAddr : Args to Child : Call Site00000022`9bcf7ba0 00007ffb`0d358ad6 : 000001c1`01483052 00000000`00000000 00007ffb`0d6faf90 00000022`9bcf7d38 : mso20win32client!CrashWithRecovery+0x4d00000022`9bcf7c00 00007ffb`d1921ee9 : 00000000`00000016 00000000`00000000 000001c1`78640000 00000000`00000016 : mso20win32client!EnableAbortRedirectLiblet::Uninit+0x9300000022`9bcf7c70 00007ffb`d1905011 : 00000000`2257ff01 00000000`00000000 00000000`00000000 00000022`9bcf7d20 : ucrtbase!raise+0x1d900000022`9bcf7cf0 00007ff7`4c2acb5a : 00000000`00000003 00000000`00000003 ffffffff`fffffffe 000001c1`2520eff0 : ucrtbase!abort+0x3100000022`9bcf7d20 00007ffb`d1921f37 : 00000000`2257ff33 00000000`00000000 000001c1`266b2fc8 00000000`00000000 : msaccess!SetEnumIntlView+0x202a00000022`9bcf7d50 00007ff7`4c0b61d4 : 00000000`2257ff33 000001c1`0cd08ff0 00007ffb`0d6faf90 000001c1`1cd9df90 : ucrtbase!terminate+0x1700000022`9bcf7d80 00007ff7`4c0b7687 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!JETESLoadProjectTypeLib+0x40d400000022`9bcf7dc0 00007ff7`4c0b6660 : 000001c1`266b2f60 000001c1`3886af90 00003065`6ffa2c36 00000000`00000000 : msaccess!JETESLoadProjectTypeLib+0x558700000022`9bcf7e20 00007ff7`4c0b5bd1 : 000001c1`265acfe0 000001c1`265acfe0 00000000`00000000 00000022`9bcf8060 : msaccess!JETESLoadProjectTypeLib+0x456000000022`9bcf7e50 00007ff7`4c0bac56 : 00000000`00000001 00000022`00000000 00000022`00000001 00000022`9bcf8060 : msaccess!JETESLoadProjectTypeLib+0x3ad100000022`9bcf7e80 00007ff7`4c8fefeb : 00000022`00000001 00000000`00000000 00000022`9bcf8060 00007ff7`4cb11fe2 : msaccess!JETESLoadProjectTypeLib+0x8b5600000022`9bcf7eb0 00007ff7`4c09bd92 : 00000000`00000000 00000022`9bcf8060 000001c1`04a9ef40 00000000`00008004 : msaccess!OpenHscrEmbedded+0x52f7b00000022`9bcf7ef0 00007ff7`4c544422 : 00007ff7`4c09bd50 00000000`00000000 00000000`00008004 000001c1`08d58f90 : msaccess!ReleaseAccessIconResource+0x2189200000022`9bcf7f30 00007ff7`4c544fc2 : 000001c1`78640000 7fffffff`00000000 00000000`00000000 00000022`9bcf8408 : msaccess!MSAU_GetSizeList+0x24a8200000022`9bcf8030 00007ff7`4c545f13 : 00000000`00000000 000001c1`29351d88 00000000`00000000 00007ffb`09948864 : msaccess!MSAU_GetSizeList+0x2562200000022`9bcf8310 00007ff7`4ca84427 : 00000000`00000000 00000000`00000000 00000022`9bcf8460 00000000`00000000 : msaccess!MSAU_GetSizeList+0x2657300000022`9bcf8360 00007ff7`4ca86829 : 00000000`00000000 00000000`00000000 00000000`00000000 000001c1`29351d88 : msaccess!OpenHscrEmbedded+0x1d83b700000022`9bcf8690 00007ff7`4ca80ae6 : 00000000`00000000 00000022`00000000 00000000`00000000 000001c1`14e9e1d0 : msaccess!OpenHscrEmbedded+0x1da7b900000022`9bcf8840 00007ff7`4ca80c64 : 00000022`00000002 000001c1`00000003 00000000`00000000 00000000`00000000 : msaccess!OpenHscrEmbedded+0x1d4a7600000022`9bcf88a0 00007ff7`4c2476f0 : 000001c1`0b356fe0 00000022`9bcfc810 00000000`00000000 00000000`00000000 : msaccess!OpenHscrEmbedded+0x1d4bf400000022`9bcf88d0 00007ff7`4c242e71 : 00000022`9bcfc770 00000000`00000000 00007ffb`d3b40000 00000022`9bcfe0b0 : msaccess!MSAU_ErrSortStringArray+0x34f9000000022`9bcfc710 00007ff7`4c23cbab : 00000000`00000105 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x3071100000022`9bcfdfc0 00007ff7`4c24374a : 00000000`00000000 00000000`00000000 00000000`00000001 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x2a44b00000022`9bcff6a0 00007ff7`4c50030b : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x30fea00000022`9bcffbc0 00007ff7`4c50140e : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!GetAccessIntellisenseManager+0x5c8cb00000022`9bcffd60 00007ff7`4c072612 : 00000000`0000000a 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!GetAccessIntellisenseManager+0x5d9ce00000022`9bcffe40 00007ffb`d27bdbe7 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!Ordinal59+0x1261200000022`9bcffe80 00007ffb`d3c1fbec : 00000000`00000000 00000000`00000000 000004f0`fffffb30 000004d0`fffffb30 : KERNEL32!BaseThreadInitThunk+0x1700000022`9bcffeb0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!RtlUserThreadStart+0x2c