Unpatched.ai can make mistakes. Public reports may be added, updated, or removed at any time.
Report ID: 2024-235
An improper input validation issue exists in Microsoft Access, specifically MSACCESS.EXE version 16.0.18025.20214 when opening a specially crafted file. By sending a target the file and convincing them to open it, an attacker could unlikely gain Remote Code Execution (RCE) on the target's computer due to the unpatched issue. However, even if RCE isn't achieved, the crash could result in Denial of Service (DoS) for the target application. In addition, likely due to how Microsoft Access handles recent files, file recovery, and file repair, it is possible the issue could result in a persistent DoS attack, where the application will continue to crash, even after reboot by the target.
ExceptionAddress: 00007ffb0d66a7dd (mso20win32client!CrashWithRecovery+0x000000000000004d) ExceptionCode: c0000005 (Access violation) ExceptionFlags: 00000000NumberParameters: 2 Parameter[0]: 0000000000000001 Parameter[1]: 0000000000000000Attempt to write to address 0000000000000000Child-SP RetAddr : Args to Child : Call Site0000003c`956f2cf0 00007ffb`0d8a8ad6 : 0000015e`01483052 00000000`00000000 00007ffb`0dc4af90 0000003c`956f2e88 : mso20win32client!CrashWithRecovery+0x4d0000003c`956f2d50 00007ffb`d1921ee9 : 00000000`00000016 0000015e`db3f1b78 00000000`00000000 00000000`00000016 : mso20win32client!EnableAbortRedirectLiblet::Uninit+0x930000003c`956f2dc0 00007ffb`d1905011 : 0000015e`db3f3b01 0000015e`00000000 00000000`00000000 0000003c`956f2e70 : ucrtbase!raise+0x1d90000003c`956f2e40 00007ff7`4c2acb5a : 00000000`00000003 00000000`00000003 ffffffff`fffffffe 0000015e`85e5eff0 : ucrtbase!abort+0x310000003c`956f2e70 00007ffb`d1921f37 : 0000015e`db3f3b78 0000015e`db3f1b78 00000000`00000083 0000015e`db3f1b78 : msaccess!SetEnumIntlView+0x202a0000003c`956f2ea0 00007ff7`4c306371 : 0000015e`db3f3b78 00000000`fffffffd 00007ffb`0dc4af90 01010101`01010101 : ucrtbase!terminate+0x170000003c`956f2ed0 00007ff7`4c3087b2 : 0000015e`db3f3b78 00000000`00000000 00000000`00000083 00007ffb`10e42775 : msaccess!SizeCallback+0x50f510000003c`956f2f00 00007ff7`4c5dca90 : 0000003c`956f2fa8 0000015e`c0d9e860 00000000`00000083 00000000`0100100a : msaccess!SizeCallback+0x533920000003c`956f2f60 00007ff7`4c5dcb40 : 0000003c`956f3e68 0000015e`c0d9e860 0000003c`956f3e68 00000000`0000fb95 : msaccess!AccessLoadString+0x25ce00000003c`956f3e20 00007ff7`4c5e3f86 : 0000015e`85d71f70 00000000`0000000c 0000003c`956f6e50 00000000`00000001 : msaccess!AccessLoadString+0x25d900000003c`956f4ce0 00007ff7`4c5e340d : 00000000`00000000 00000000`00000000 0000003c`956f7660 00000000`00000001 : msaccess!AccessLoadString+0x2d1d60000003c`956f54a0 00007ff7`4c5dba62 : 00000000`00020102 0000015e`c0d9e860 00000000`00008000 00000000`00000000 : msaccess!AccessLoadString+0x2c65d0000003c`956f6da0 00007ff7`4c390d0e : 0000015e`d387af40 0000003c`956f71e0 00002818`236fe77c 00000000`00000102 : msaccess!AccessLoadString+0x24cb20000003c`956f71c0 00007ff7`4c3cfce5 : 006f0073`006f0072 004a002e`00740066 004e002e`00740065 00760069`00740061 : msaccess!SizeCallback+0xdb8ee0000003c`956f73b0 00007ff7`4c15c508 : 0000015e`c0d9e860 00007ff7`4c8ffde7 00000000`00000003 0000003c`00000000 : msaccess!WizChooseColor+0x3d5f50000003c`956f7420 00007ff7`4c94a899 : 00000000`00000000 00000000`00008000 0000003c`956f7a89 0000015e`c0d9e860 : msaccess!JETESLoadProjectTypeLib+0xaa4080000003c`956f7470 00007ff7`4c5220b5 : 0000003c`956f7928 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!OpenHscrEmbedded+0x9e8290000003c`956f78d0 00007ff7`4c0ad380 : 0000015e`98a68ec0 0000003c`956f7a90 00007ffb`d19988c0 0000003c`956f7a90 : msaccess!MSAU_GetSizeList+0x27150000003c`956f7a20 00007ff7`4c0ac7c0 : 00000000`00000000 00000000`00000000 0000015e`98a68ec0 00000000`00000000 : msaccess!ReleaseAccessIconResource+0x32e800000003c`956f7af0 00007ff7`4c925b5a : 0000015e`98a68f18 00000000`00000000 0000015e`98a68ec0 00000000`00000000 : msaccess!ReleaseAccessIconResource+0x322c00000003c`956f7df0 00007ff7`4c0b0a7e : 0000015e`916bed70 0000003c`956f84f0 0000015e`916bed70 00000000`00000000 : msaccess!OpenHscrEmbedded+0x79aea0000003c`956f7fb0 00007ff7`4c0a1de6 : 0000003c`956f8160 0000003c`956f8298 0000015e`b2dd3f70 0000003c`956f8298 : msaccess!ReleaseAccessIconResource+0x3657e0000003c`956f8100 00007ff7`4c246d2e : 0000003c`956f84f0 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!ReleaseAccessIconResource+0x278e60000003c`956f8220 00007ff7`4c242e71 : 0000003c`956fc0c0 00000000`00000000 00007ffb`d3b40000 0000003c`956fda00 : msaccess!MSAU_ErrSortStringArray+0x345ce0000003c`956fc060 00007ff7`4c23cbab : 00000000`00000105 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x307110000003c`956fd910 00007ff7`4c24374a : 00000000`00000000 00000000`00000000 00000000`00000001 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x2a44b0000003c`956feff0 00007ff7`4c50030b : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x30fea0000003c`956ff510 00007ff7`4c50140e : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!GetAccessIntellisenseManager+0x5c8cb0000003c`956ff6b0 00007ff7`4c072612 : 00000000`0000000a 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!GetAccessIntellisenseManager+0x5d9ce0000003c`956ff790 00007ffb`d27bdbe7 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!Ordinal59+0x126120000003c`956ff7d0 00007ffb`d3c1fbec : 00000000`00000000 00000000`00000000 000004f0`fffffb30 000004d0`fffffb30 : KERNEL32!BaseThreadInitThunk+0x170000003c`956ff800 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!RtlUserThreadStart+0x2c