Unpatched.ai can make mistakes. Public reports may be added, updated, or removed at any time.
Report ID: 2024-238
An improper input validation issue exists in Microsoft Access, specifically MSACCESS.EXE version 16.0.18025.20214 when opening a specially crafted file. By sending a target the file and convincing them to open it, an attacker could unlikely gain Remote Code Execution (RCE) on the target's computer due to the unpatched issue. However, even if RCE isn't achieved, the crash could result in Denial of Service (DoS) for the target application. In addition, likely due to how Microsoft Access handles recent files, file recovery, and file repair, it is possible the issue could result in a persistent DoS attack, where the application will continue to crash, even after reboot by the target.
ExceptionAddress: 00007ffb0d66a7dd (mso20win32client!CrashWithRecovery+0x000000000000004d) ExceptionCode: c0000005 (Access violation) ExceptionFlags: 00000000NumberParameters: 2 Parameter[0]: 0000000000000001 Parameter[1]: 0000000000000000Attempt to write to address 0000000000000000Child-SP RetAddr : Args to Child : Call Site00000049`953a5350 00007ffb`0d8a8ad6 : 0000021e`01483052 00000000`00000000 00007ffb`0dc4af90 00000049`953a54e8 : mso20win32client!CrashWithRecovery+0x4d00000049`953a53b0 00007ffb`d1921ee9 : 00000000`00000016 00000000`00000000 00000000`00000000 00000000`00000016 : mso20win32client!EnableAbortRedirectLiblet::Uninit+0x9300000049`953a5420 00007ffb`d1905011 : 00000000`12000001 00000000`00000000 00000000`00000000 00000049`953a54d0 : ucrtbase_7ffbd1860000!raise+0x1d900000049`953a54a0 00007ff7`4c2acb5a : 00000000`00000003 00000000`00000003 ffffffff`fffffffe 0000021e`62dc6ff0 : ucrtbase_7ffbd1860000!abort+0x3100000049`953a54d0 00007ffb`d1921f37 : 00000000`12000000 00000000`00000000 0000021e`596b8fc8 00000000`00000000 : msaccess!SetEnumIntlView+0x202a00000049`953a5500 00007ff7`4c0b61d4 : 00000000`12000000 00000000`00000000 00007ffb`0dc4af90 00000000`00000000 : ucrtbase_7ffbd1860000!terminate+0x1700000049`953a5530 00007ff7`4c0b7687 : 00000000`00000000 00000000`00000000 00000000`00000000 0000021e`6df79d68 : msaccess!JETESLoadProjectTypeLib+0x40d400000049`953a5570 00007ff7`4c0b6660 : 0000021e`596b8f60 0000021e`75752f90 0000678c`8c93a860 00007ffb`d3c1ec72 : msaccess!JETESLoadProjectTypeLib+0x558700000049`953a55d0 00007ff7`4c0b5bd1 : 0000021e`596b6fe0 0000021e`596b6fe0 00000049`953a56e0 00000049`953a5748 : msaccess!JETESLoadProjectTypeLib+0x456000000049`953a5600 00007ff7`4c0b5d0d : 00000000`00008007 00000049`953a6040 0000021e`359f5860 00007ff7`4cce0200 : msaccess!JETESLoadProjectTypeLib+0x3ad100000049`953a5630 00007ff7`4c0a03d3 : 00000049`953a56e0 0000021e`6b3caf30 00000000`00000002 00000049`953a5ba0 : msaccess!JETESLoadProjectTypeLib+0x3c0d00000049`953a5670 00007ff7`4c0a05ef : 0000021e`6b59cfd0 0000021e`6b3caf38 00000049`953a5ba0 00000049`953a5758 : msaccess!ReleaseAccessIconResource+0x25ed300000049`953a56a0 00007ff7`4c09fdef : 00000000`08000001 00000000`00000000 00000000`00000007 00007ffb`d10cb4a1 : msaccess!ReleaseAccessIconResource+0x260ef00000049`953a5830 00007ff7`4c09c289 : 0000021e`6b3caf30 0000021e`672bafe8 00000000`00000000 00000000`00000411 : msaccess!ReleaseAccessIconResource+0x258ef00000049`953a5a80 00007ff7`4c90c43f : 0000021e`00000001 00000000`00000000 00000000`00008007 00007ff7`4c0af85d : msaccess!ReleaseAccessIconResource+0x21d8900000049`953a5af0 00007ff7`4c94b3d7 : 00007ff7`00000000 00000000`00000000 00000049`953a6040 00000000`00000000 : msaccess!OpenHscrEmbedded+0x603cf00000049`953a5b60 00007ff7`4c85af2f : 00000000`00000000 0000021e`6b6defd2 00000049`953a6298 0000021e`2bd21f70 : msaccess!OpenHscrEmbedded+0x9f36700000049`953a5d40 00007ff7`4c85b8a0 : 0000021e`359f5860 00000000`00000000 0000021e`63996fd0 0000021e`359f5860 : msaccess!FUniqueIndexTableFieldEx+0xfc3ff00000049`953a61d0 00007ff7`4c81dc50 : 0000021e`359f5860 00000049`953a62b0 00000000`00000000 0000021e`6d57ef00 : msaccess!FUniqueIndexTableFieldEx+0xfcd7000000049`953a6260 00007ff7`4c850956 : 0000021e`63996fd0 00000000`00008000 0000021e`71bf1f40 00000000`00000000 : msaccess!FUniqueIndexTableFieldEx+0xbf12000000049`953a62e0 00007ff7`4c63536d : 0000021e`6b6defc8 00000000`00000000 0000021e`001d3f90 00000000`ffffffef : msaccess!FUniqueIndexTableFieldEx+0xf1e2600000049`953a6340 00007ffb`047b7504 : 00000000`00000000 0000021e`001d3f90 00000049`953a6390 0000021e`71f62f90 : msaccess!AccessLoadString+0x7e5bd00000049`953a6370 00007ffb`0476e8b5 : 00000000`00000000 00000000`00000000 0000021e`001d3e78 00000000`00000000 : VBE7!CProjitemDocument::LoadDocItem+0x5800000049`953a63b0 00007ffb`0491f624 : 00000000`00000000 00000000`00000000 0000021e`00110498 00000000`00000001 : VBE7!HostGetBaseClassTypeInfo3+0xf500000049`953a6410 00007ffb`0491b071 : 0000021e`654d29d0 00000049`953a6698 00000049`953a6980 0000021e`2bba0000 : VBE7!IMPMGR::HookUpBaseTypeInfo+0xb800000049`953a6480 00007ffb`0491ad91 : 0000021e`654d29d0 00007ffb`00000010 0000021e`2bba0000 00000000`00000000 : VBE7!IMPMGR::LoadTypeInfo+0xe500000049`953a64c0 00007ffb`0491bbc4 : 0000021e`654d29d0 00000000`00000010 0000021e`00000000 00000049`953a6598 : VBE7!IMPMGR::GetTypeInfo+0xcd00000049`953a6530 00007ffb`0491c1e1 : 0000021e`654d29d0 00007ffb`00000000 00000049`953a6598 00000049`953a6698 : VBE7!IMPMGR::GetCoClassTypeInfoOfBase+0x7800000049`953a6570 00007ffb`0491f3ed : 0000021e`654d29d0 00000049`953a66e8 00000049`953a6700 00000001`00000001 : VBE7!IMPMGR::GetBaseTypeInfoAttribute+0x6500000049`953a66c0 00007ffb`048bb8a3 : 0000021e`654d29d0 0000021e`5ffc4be0 00000049`953a67c0 0000021e`638f6fd0 : VBE7!IMPMGR::Write+0x1f500000049`953a6710 00007ffb`048c38a5 : 0000021e`570fac40 0000021e`5ffc4be0 0000021e`00000000 0000021e`79c00f60 : VBE7!BASIC_TYPEROOT::WriteParts+0x58300000049`953a67d0 00007ffb`048c3430 : 0000021e`570fac40 0000021e`5ffc4be0 0000021e`00000000 00000049`953a6838 : VBE7!BASIC_TYPEROOT::WriteToStream+0xe500000049`953a6810 00007ffb`04895292 : 0000021e`570fac40 0000021e`72503f00 00000049`953a6b60 00000049`953a6ec8 : VBE7!BASIC_TYPEROOT::Write+0x1b000000049`953a6950 00007ffb`04894c3a : 0000021e`3e434f80 0000021e`72503f00 00000049`953a0002 0000021e`00000001 : VBE7!ExecProj::SaveModule+0x32a00000049`953a6fa0 00007ffb`0478423c : 0000021e`3e434f80 00000000`00000000 00000049`00000001 0000021e`359f5860 : VBE7!ExecProj::Save+0x1da00000049`953a75d0 00007ff7`4c6377a8 : 0000021e`0010af38 00007ffb`047ae621 0000021e`3e4378b0 0000021e`0010af38 : VBE7!Project::StgSave+0x13400000049`953a76b0 00007ff7`4c853cfc : 00000000`00000000 00000000`00000000 0000021e`0010af38 0000021e`0010af38 : msaccess!AccessLoadString+0x809f800000049`953a7720 00007ff7`4c635c7c : 0000021e`71bf1f40 00000000`00000000 00000000`00000000 00000000`00000001 : msaccess!FUniqueIndexTableFieldEx+0xf51cc00000049`953a77f0 00007ff7`4c851808 : 0000021e`71bf1f70 00000000`80004005 0000021e`71bf1f40 00000000`00000000 : msaccess!AccessLoadString+0x7eecc00000049`953a7be0 00007ff7`4c852164 : 0000021e`71bf1f40 00000049`953a7d30 00000000`00000000 0000021e`00000000 : msaccess!FUniqueIndexTableFieldEx+0xf2cd800000049`953a7c90 00007ff7`4c817f3b : 00000000`00000000 0000021e`63090fa0 00000000`00000001 00000000`00000001 : msaccess!FUniqueIndexTableFieldEx+0xf363400000049`953a7d30 00007ff7`4c0ad6f0 : 0000021e`6af00ec0 0000021e`6af00ec0 0000021e`6af00ec0 00000000`00000000 : msaccess!FUniqueIndexTableFieldEx+0xb940b00000049`953a7e70 00007ff7`4c925b8f : 00000000`00000000 0000021e`6af00ec0 00000000`00000000 00000000`00000000 : msaccess!ReleaseAccessIconResource+0x331f000000049`953a7eb0 00007ff7`4c0b0a7e : 0000021e`37918d70 00000049`953a85b0 0000021e`37918d70 00000000`00000000 : msaccess!OpenHscrEmbedded+0x79b1f00000049`953a8070 00007ff7`4c0a1de6 : 00000049`953a8220 00000049`953a8358 0000021e`3ef64f70 00000049`953a8358 : msaccess!ReleaseAccessIconResource+0x3657e00000049`953a81c0 00007ff7`4c246d2e : 00000049`953a85b0 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!ReleaseAccessIconResource+0x278e600000049`953a82e0 00007ff7`4c242e71 : 00000049`953ac180 00000000`00000000 00007ffb`d3b40000 00000049`953adac0 : msaccess!MSAU_ErrSortStringArray+0x345ce00000049`953ac120 00007ff7`4c23cbab : 00000000`00000105 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x3071100000049`953ad9d0 00007ff7`4c24374a : 00000000`00000000 00000000`00000000 00000000`00000001 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x2a44b00000049`953af0b0 00007ff7`4c50030b : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x30fea00000049`953af5d0 00007ff7`4c50140e : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!GetAccessIntellisenseManager+0x5c8cb00000049`953af770 00007ff7`4c072612 : 00000000`0000000a 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!GetAccessIntellisenseManager+0x5d9ce00000049`953af850 00007ffb`d27bdbe7 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!Ordinal59+0x1261200000049`953af890 00007ffb`d3c1fbec : 00000000`00000000 00000000`00000000 000004f0`fffffb30 000004d0`fffffb30 : KERNEL32!BaseThreadInitThunk+0x1700000049`953af8c0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!RtlUserThreadStart+0x2c