Unpatched.ai can make mistakes. Public reports may be added, updated, or removed at any time.
Report ID: 2024-230
An improper input validation issue exists in Microsoft Access, specifically MSACCESS.EXE version 16.0.18025.20214 when opening a specially crafted file. By sending a target the file and convincing them to open it, an attacker could unlikely gain Remote Code Execution (RCE) on the target's computer due to the unpatched issue. However, even if RCE isn't achieved, the crash could result in Denial of Service (DoS) for the target application. In addition, likely due to how Microsoft Access handles recent files, file recovery, and file repair, it is possible the issue could result in a persistent DoS attack, where the application will continue to crash, even after reboot by the target.
ExceptionAddress: 00007ffb0d26a7dd (mso20win32client!CrashWithRecovery+0x000000000000004d) ExceptionCode: c0000005 (Access violation) ExceptionFlags: 00000000NumberParameters: 2 Parameter[0]: 0000000000000001 Parameter[1]: 0000000000000000Attempt to write to address 0000000000000000Child-SP RetAddr : Args to Child : Call Site00000039`e9fe20c0 00007ffb`0d4a8ad6 : 00000237`01483052 00000000`00000000 00007ffb`0d84af90 00000039`e9fe2258 : mso20win32client!CrashWithRecovery+0x4d00000039`e9fe2120 00007ffb`d1921ee9 : 00000000`00000016 00000237`ec463b78 00000000`00000000 00000000`00000016 : mso20win32client!EnableAbortRedirectLiblet::Uninit+0x9300000039`e9fe2190 00007ffb`d1905011 : 00000237`ec465b01 00000237`00000000 00000000`00000000 00000039`e9fe2240 : ucrtbase!raise+0x1d900000039`e9fe2210 00007ff7`4c2acb5a : 00000000`00000003 00000000`00000003 ffffffff`fffffffe 00000237`95012ff0 : ucrtbase!abort+0x3100000039`e9fe2240 00007ffb`d1921f37 : 00000237`ec465b78 00000237`ec463b78 00000000`00000083 00000237`ec463b78 : msaccess!SetEnumIntlView+0x202a00000039`e9fe2270 00007ff7`4c306371 : 00000237`ec465b78 00000000`fffffffd 00007ffb`0d84af90 01010101`01010101 : ucrtbase!terminate+0x1700000039`e9fe22a0 00007ff7`4c3087b2 : 00000237`ec465b78 00000000`00000000 00000000`00000083 00000237`ec463b78 : msaccess!SizeCallback+0x50f5100000039`e9fe22d0 00007ff7`4c5dca90 : 00000039`e9fe2378 00000237`da6d6860 00000000`00000083 00000000`0000fa46 : msaccess!SizeCallback+0x5339200000039`e9fe2330 00007ff7`4c5dcb40 : 00000237`ec459778 00000039`e9fe3238 00000039`e9fe3238 00000000`0000fea0 : msaccess!AccessLoadString+0x25ce000000039`e9fe31f0 00007ff7`4c5dcb40 : 00000237`dacc4ff0 00000039`e9fe40f8 00000039`e9fe40f8 00000000`0000fef2 : msaccess!AccessLoadString+0x25d9000000039`e9fe40b0 00007ff7`4c5e3f86 : 00000237`8bd11f70 00000000`0000000c 00000039`e9fe70e0 00000000`00000001 : msaccess!AccessLoadString+0x25d9000000039`e9fe4f70 00007ff7`4c5e340d : 00000000`00000000 00000000`00000000 00000039`e9fe78f0 00000000`00000001 : msaccess!AccessLoadString+0x2d1d600000039`e9fe5730 00007ff7`4c5dba62 : 00000000`00020102 00000237`da6d6860 00000000`00008000 00000000`00000000 : msaccess!AccessLoadString+0x2c65d00000039`e9fe7030 00007ff7`4c390d0e : 00000237`d8a53f40 00000039`e9fe7470 0000ea39`adc73f61 00000000`00000102 : msaccess!AccessLoadString+0x24cb200000039`e9fe7450 00007ff7`4c3cfce5 : 006f0073`006f0072 004a002e`00740066 004e002e`00740065 00760069`00740061 : msaccess!SizeCallback+0xdb8ee00000039`e9fe7640 00007ff7`4c15c508 : 00000237`da6d6860 00007ff7`4c8ffde7 00000000`00000003 00000039`00000000 : msaccess!WizChooseColor+0x3d5f500000039`e9fe76b0 00007ff7`4c94a899 : 00000000`00000000 00000000`00008000 00000039`e9fe7d19 00000237`da6d6860 : msaccess!JETESLoadProjectTypeLib+0xaa40800000039`e9fe7700 00007ff7`4c5220b5 : 00000039`e9fe7bb8 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!OpenHscrEmbedded+0x9e82900000039`e9fe7b60 00007ff7`4c0ad380 : 00000237`dfa0aec0 00000039`e9fe7d20 00007ffb`d19988c0 00000039`e9fe7d20 : msaccess!MSAU_GetSizeList+0x271500000039`e9fe7cb0 00007ff7`4c0ac7c0 : 00000000`00000000 00000000`00000000 00000237`dfa0aec0 00000000`00000000 : msaccess!ReleaseAccessIconResource+0x32e8000000039`e9fe7d80 00007ff7`4c925b5a : 00000237`dfa0af18 00000000`00000000 00000237`dfa0aec0 00000000`00000000 : msaccess!ReleaseAccessIconResource+0x322c000000039`e9fe8080 00007ff7`4c0b0a7e : 00000237`976b2d70 00000039`e9fe8780 00000237`976b2d70 00000000`00000000 : msaccess!OpenHscrEmbedded+0x79aea00000039`e9fe8240 00007ff7`4c0a1de6 : 00000039`e9fe83f0 00000039`e9fe8528 00000237`d16b5f70 00000039`e9fe8528 : msaccess!ReleaseAccessIconResource+0x3657e00000039`e9fe8390 00007ff7`4c246d2e : 00000039`e9fe8780 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!ReleaseAccessIconResource+0x278e600000039`e9fe84b0 00007ff7`4c242e71 : 00000039`e9fec350 00000000`00000000 00007ffb`d3b40000 00000039`e9fedc90 : msaccess!MSAU_ErrSortStringArray+0x345ce00000039`e9fec2f0 00007ff7`4c23cbab : 00000000`00000105 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x3071100000039`e9fedba0 00007ff7`4c24374a : 00000000`00000000 00000000`00000000 00000000`00000001 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x2a44b00000039`e9fef280 00007ff7`4c50030b : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x30fea00000039`e9fef7a0 00007ff7`4c50140e : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!GetAccessIntellisenseManager+0x5c8cb00000039`e9fef940 00007ff7`4c072612 : 00000000`0000000a 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!GetAccessIntellisenseManager+0x5d9ce00000039`e9fefa20 00007ffb`d27bdbe7 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!Ordinal59+0x1261200000039`e9fefa60 00007ffb`d3c1fbec : 00000000`00000000 00000000`00000000 000004f0`fffffb30 000004d0`fffffb30 : KERNEL32!BaseThreadInitThunk+0x1700000039`e9fefa90 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!RtlUserThreadStart+0x2c