Unpatched.ai can make mistakes. Public reports may be added, updated, or removed at any time.
Report ID: 2024-228
An improper input validation issue exists in Microsoft Access, specifically MSACCESS.EXE version 16.0.18025.20214 when opening a specially crafted file. By sending a target the file and convincing them to open it, an attacker could unlikely gain Remote Code Execution (RCE) on the target's computer due to the unpatched issue. However, even if RCE isn't achieved, the crash could result in Denial of Service (DoS) for the target application. In addition, likely due to how Microsoft Access handles recent files, file recovery, and file repair, it is possible the issue could result in a persistent DoS attack, where the application will continue to crash, even after reboot by the target.
ExceptionAddress: 00007ffb0d11a7dd (mso20win32client!CrashWithRecovery+0x000000000000004d) ExceptionCode: c0000005 (Access violation) ExceptionFlags: 00000000NumberParameters: 2 Parameter[0]: 0000000000000001 Parameter[1]: 0000000000000000Attempt to write to address 0000000000000000Child-SP RetAddr : Args to Child : Call Site00000055`9e8f1cc0 00007ffb`0d358ad6 : 000001f9`01483052 00000000`00000000 00007ffb`0d6faf90 00000055`9e8f1e58 : mso20win32client!CrashWithRecovery+0x4d00000055`9e8f1d20 00007ffb`d1921ee9 : 00000000`00000016 000001f9`9dde7000 00000001`42480000 00000000`00000016 : mso20win32client!EnableAbortRedirectLiblet::Uninit+0x9300000055`9e8f1d90 00007ffb`d1905011 : 00000000`ffffe201 000001f9`00000000 00000000`00000000 00000055`9e8f1e40 : ucrtbase!raise+0x1d900000055`9e8f1e10 00007ff7`4c2acb5a : 00000000`00000003 00000000`00000003 ffffffff`fffffffe 000001f9`8194bff0 : ucrtbase!abort+0x3100000055`9e8f1e40 00007ffb`d1921f37 : 00000000`ffffe207 000001f9`9dde7000 000001f9`9fccff90 000001f9`9dde7000 : msaccess!SetEnumIntlView+0x202a00000055`9e8f1e70 00007ff7`4c0b61d4 : 00000000`ffffe207 00007ff7`4c308815 00007ffb`0d6faf90 000001f9`a7cdfbb8 : ucrtbase!terminate+0x1700000055`9e8f1ea0 00007ff7`4c14f928 : 00000055`9e8f1f58 000001f9`9dde7000 000001f9`9dde6fd0 00000055`9e8f4500 : msaccess!JETESLoadProjectTypeLib+0x40d400000055`9e8f1ee0 00007ff7`4c5dcc4a : 00000055`9e8f1f58 000001f9`9fccff90 00000055`9e8f1f58 00000000`00000005 : msaccess!JETESLoadProjectTypeLib+0x9d82800000055`9e8f1f10 00007ff7`4c5dcb40 : 000001f9`98c57ff0 00000055`9e8f2e18 00000055`9e8f2e18 00000000`00000000 : msaccess!AccessLoadString+0x25e9a00000055`9e8f2dd0 00007ff7`4c5e3f86 : 000001f9`b9181f70 00000000`0000000c 00000055`9e8f5e00 00000000`00000001 : msaccess!AccessLoadString+0x25d9000000055`9e8f3c90 00007ff7`4c5e340d : 00000000`00000000 00000000`00000000 00000055`9e8f7530 00000000`00000001 : msaccess!AccessLoadString+0x2d1d600000055`9e8f4450 00007ff7`4c5dba62 : 00000000`00000102 000001f9`c21b6860 00000000`00008000 00000000`00000000 : msaccess!AccessLoadString+0x2c65d00000055`9e8f5d50 00007ff7`4c390d0e : 00000000`00000000 00007ff7`4c907fe7 000001f9`c43de0f0 00007ffb`d240536f : msaccess!AccessLoadString+0x24cb200000055`9e8f6170 00007ff7`4c390ba1 : 00000055`9e8f7530 00007ff7`4c3c3c1e 00000000`00000080 00000000`00000001 : msaccess!SizeCallback+0xdb8ee00000055`9e8f6360 00007ff7`4c389958 : 00000000`00000080 000001f9`c21b6860 00000000`00000202 00000000`00000000 : msaccess!SizeCallback+0xdb78100000055`9e8f63c0 00007ff7`4c38b339 : 00000000`00000002 00000000`00000080 00000055`9e8f8360 00000000`00000202 : msaccess!SizeCallback+0xd453800000055`9e8f7690 00007ff7`4c55f006 : 00000000`00000000 00000055`9e8f8590 00000000`000007d1 00000000`00008000 : msaccess!SizeCallback+0xd5f1900000055`9e8f7740 00007ff7`4c22ffe6 : 00000000`f229a6a0 00000055`9e8f8590 00000000`00000001 00000055`9e8f8590 : msaccess!MSAU_GetSizeList+0x3f66600000055`9e8f8310 00007ff7`4c2278b3 : 00000000`00000001 00000000`00000016 00000000`00000001 00000055`9e8f8590 : msaccess!MSAU_ErrSortStringArray+0x1d88600000055`9e8f8490 00007ff7`4c2477dd : 000001f9`f009afe0 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x1515300000055`9e8f8830 00007ff7`4c242e71 : 00000055`9e8fc6d0 00000000`00000000 00007ffb`d3b40000 00000055`9e8fe010 : msaccess!MSAU_ErrSortStringArray+0x3507d00000055`9e8fc670 00007ff7`4c23cbab : 00000000`00000105 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x3071100000055`9e8fdf20 00007ff7`4c24374a : 00000000`00000000 00000000`00000000 00000000`00000001 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x2a44b00000055`9e8ff600 00007ff7`4c50030b : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x30fea00000055`9e8ffb20 00007ff7`4c50140e : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!GetAccessIntellisenseManager+0x5c8cb00000055`9e8ffcc0 00007ff7`4c072612 : 00000000`0000000a 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!GetAccessIntellisenseManager+0x5d9ce00000055`9e8ffda0 00007ffb`d27bdbe7 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!Ordinal59+0x1261200000055`9e8ffde0 00007ffb`d3c1fbec : 00000000`00000000 00000000`00000000 000004f0`fffffb30 000004d0`fffffb30 : KERNEL32!BaseThreadInitThunk+0x1700000055`9e8ffe10 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!RtlUserThreadStart+0x2c