Unpatched.ai can make mistakes. Public reports may be added, updated, or removed at any time.
Report ID: 2024-241
An improper input validation issue exists in Microsoft Access, specifically MSACCESS.EXE version 16.0.18025.20214 when opening a specially crafted file. By sending a target the file and convincing them to open it, an attacker could unlikely gain Remote Code Execution (RCE) on the target's computer due to the unpatched issue. However, even if RCE isn't achieved, the crash could result in Denial of Service (DoS) for the target application. In addition, likely due to how Microsoft Access handles recent files, file recovery, and file repair, it is possible the issue could result in a persistent DoS attack, where the application will continue to crash, even after reboot by the target.
ExceptionAddress: 00007ff74c5f9df7 (msaccess!AccessLoadString+0x0000000000043047) ExceptionCode: c0000005 (Access violation) ExceptionFlags: 00000000NumberParameters: 2 Parameter[0]: 0000000000000000 Parameter[1]: 0000000000000008Attempt to read from address 0000000000000008Child-SP RetAddr : Args to Child : Call Site000000ab`87b80130 00007ff7`4c5e4256 : 00007ff7`4c50581e 00007ff7`4c505a96 00007ff7`4cbf7950 00000000`00000200 : msaccess!AccessLoadString+0x43047000000ab`87b81d30 00007ff7`4c5dc456 : 000000ab`87b81ed8 00000000`00000020 000000ab`87b81ed8 00000000`0100100a : msaccess!AccessLoadString+0x2d4a6000000ab`87b81e90 00007ff7`4c5dcb40 : 000000ab`87b82d98 00000206`3f87a860 000000ab`87b82d98 00000000`0000ffa5 : msaccess!AccessLoadString+0x256a6000000ab`87b82d50 00007ff7`4c5e3f86 : 00000206`33d91f70 00000000`0000000c 000000ab`87b85d80 00000000`00000001 : msaccess!AccessLoadString+0x25d90000000ab`87b83c10 00007ff7`4c5e340d : 00000000`00000000 00000000`00000000 000000ab`87b8699e 00000000`00000001 : msaccess!AccessLoadString+0x2d1d6000000ab`87b843d0 00007ff7`4c5dba62 : 00000000`10000102 00000206`3f87a860 00000000`00008004 00000000`00000000 : msaccess!AccessLoadString+0x2c65d000000ab`87b85cd0 00007ff7`4c390d0e : 00000206`3f87a860 00000206`4447cfa8 00000206`3f87a860 00000206`3f87a860 : msaccess!AccessLoadString+0x24cb2000000ab`87b860f0 00007ff7`4c390ba1 : 00007ffb`0443423c 00007ffb`d3b45f8b 00007ff7`4c853cfc 00007ff7`4c635c7c : msaccess!SizeCallback+0xdb8ee000000ab`87b862e0 00007ff7`4c85ad77 : 00000000`00000000 000000ab`87b8699e 000000ab`87b86898 00000000`00000012 : msaccess!SizeCallback+0xdb781000000ab`87b86340 00007ff7`4c85b8a0 : 00000206`3f87a860 00000000`00000000 00000206`7e84dfd0 00000206`3f87a860 : msaccess!FUniqueIndexTableFieldEx+0xfc247000000ab`87b867d0 00007ff7`4c81dc50 : 00000206`3f87a860 000000ab`87b868b0 00000000`00000000 00007ff7`4c94f383 : msaccess!FUniqueIndexTableFieldEx+0xfcd70000000ab`87b86860 00007ff7`4c850956 : 00000206`7e84dfd0 00000000`00008004 00000206`736b8f40 00000000`00000000 : msaccess!FUniqueIndexTableFieldEx+0xbf120000000ab`87b868e0 00007ff7`4c63536d : 000000ab`87b86990 00000000`00000000 00000206`08223f90 00007ffb`00000027 : msaccess!FUniqueIndexTableFieldEx+0xf1e26000000ab`87b86940 00007ffb`0446756a : 00000000`00000000 00000206`08223f90 000000ab`87b869e0 00000206`74452f90 : msaccess!AccessLoadString+0x7e5bd000000ab`87b86970 00007ffb`0441e8b5 : 00000000`00000000 00000000`00000000 00000206`08223e78 00000000`00000000 : VBE7!CProjitemDocument::LoadDocItem+0xbe000000ab`87b86a00 00007ffb`045cf624 : 00000000`00000000 00000000`00000000 00000206`08116498 00000000`00000001 : VBE7!HostGetBaseClassTypeInfo3+0xf5000000ab`87b86a60 00007ffb`045cb071 : 00000206`03ea39d0 000000ab`87b86ce8 000000ab`87b86fe0 00000206`33c10000 : VBE7!IMPMGR::HookUpBaseTypeInfo+0xb8000000ab`87b86ad0 00007ffb`045cad91 : 00000206`03ea39d0 00007ffb`00000010 00000206`33c10000 00000000`00000000 : VBE7!IMPMGR::LoadTypeInfo+0xe5000000ab`87b86b10 00007ffb`045cbbc4 : 00000206`03ea39d0 00000000`00000010 00000206`00000000 000000ab`87b86be8 : VBE7!IMPMGR::GetTypeInfo+0xcd000000ab`87b86b80 00007ffb`045cc1e1 : 00000206`03ea39d0 00007ffb`00000000 000000ab`87b86be8 000000ab`87b86ce8 : VBE7!IMPMGR::GetCoClassTypeInfoOfBase+0x78000000ab`87b86bc0 00007ffb`045cf3ed : 00000206`03ea39d0 000000ab`87b86d38 000000ab`87b86d50 00000001`00000001 : VBE7!IMPMGR::GetBaseTypeInfoAttribute+0x65000000ab`87b86d10 00007ffb`0456b8a3 : 00000206`03ea39d0 00000206`10010be0 000000ab`87b86e10 00000206`6cb8dfd0 : VBE7!IMPMGR::Write+0x1f5000000ab`87b86d60 00007ffb`045738a5 : 00000206`46892c40 00000206`10010be0 00000206`00000000 00000206`1000cf60 : VBE7!BASIC_TYPEROOT::WriteParts+0x583000000ab`87b86e20 00007ffb`04573430 : 00000206`46892c40 00000206`10010be0 00000206`00000000 000000ab`87b86e88 : VBE7!BASIC_TYPEROOT::WriteToStream+0xe5000000ab`87b86e60 00007ffb`04545292 : 00000206`46892c40 00000206`738b8f00 000000ab`87b871c0 000000ab`87b87518 : VBE7!BASIC_TYPEROOT::Write+0x1b0000000ab`87b86fa0 00007ffb`04544c3a : 00000206`60911f80 00000206`738b8f00 000000ab`87b80009 00000206`00000001 : VBE7!ExecProj::SaveModule+0x32a000000ab`87b875f0 00007ffb`0443423c : 00000206`60911f80 00000000`00000000 000000ab`00000001 00000206`3f87a860 : VBE7!ExecProj::Save+0x1da000000ab`87b87c20 00007ff7`4c6377a8 : 00000206`08110f38 00007ffb`0445e621 00000206`639758b0 00000206`08110f38 : VBE7!Project::StgSave+0x134000000ab`87b87d00 00007ff7`4c853cfc : 00000000`00000000 00000000`00000000 00000206`08110f38 00000206`08110f38 : msaccess!AccessLoadString+0x809f8000000ab`87b87d70 00007ff7`4c635c7c : 00000206`736b8f40 00000000`00000000 00000000`00000000 00000000`00000001 : msaccess!FUniqueIndexTableFieldEx+0xf51cc000000ab`87b87e40 00007ff7`4c851808 : 00000206`736b8f70 00000000`80004005 00000206`736b8f40 00000000`00000000 : msaccess!AccessLoadString+0x7eecc000000ab`87b88230 00007ff7`4c852164 : 00000206`736b8f40 000000ab`87b88380 00000000`00000000 00000206`00000000 : msaccess!FUniqueIndexTableFieldEx+0xf2cd8000000ab`87b882e0 00007ff7`4c817f3b : 00000000`00000000 00000206`73370fa0 00000000`00000001 00000000`00000001 : msaccess!FUniqueIndexTableFieldEx+0xf3634000000ab`87b88380 00007ff7`4c0ad6f0 : 00000206`603e9ec0 00000206`603e9ec0 00000206`603e9ec0 00000000`00000000 : msaccess!FUniqueIndexTableFieldEx+0xb940b000000ab`87b884c0 00007ff7`4c925b8f : 00000000`00000000 00000206`603e9ec0 00000000`00000000 00000000`00000000 : msaccess!ReleaseAccessIconResource+0x331f0000000ab`87b88500 00007ff7`4c0b0a7e : 00000206`3f78ed70 000000ab`87b88c00 00000206`3f78ed70 00000000`00000000 : msaccess!OpenHscrEmbedded+0x79b1f000000ab`87b886c0 00007ff7`4c0a1de6 : 000000ab`87b88870 000000ab`87b889a8 00000206`75074f70 000000ab`87b889a8 : msaccess!ReleaseAccessIconResource+0x3657e000000ab`87b88810 00007ff7`4c246d2e : 000000ab`87b88c00 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!ReleaseAccessIconResource+0x278e6000000ab`87b88930 00007ff7`4c242e71 : 000000ab`87b8c7d0 00000000`00000000 00007ffb`d3b40000 000000ab`87b8e110 : msaccess!MSAU_ErrSortStringArray+0x345ce000000ab`87b8c770 00007ff7`4c23cbab : 00000000`00000105 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x30711000000ab`87b8e020 00007ff7`4c24374a : 00000000`00000000 00000000`00000000 00000000`00000001 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x2a44b000000ab`87b8f700 00007ff7`4c50030b : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x30fea000000ab`87b8fc20 00007ff7`4c50140e : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!GetAccessIntellisenseManager+0x5c8cb000000ab`87b8fdc0 00007ff7`4c072612 : 00000000`0000000a 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!GetAccessIntellisenseManager+0x5d9ce000000ab`87b8fea0 00007ffb`d27bdbe7 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!Ordinal59+0x12612000000ab`87b8fee0 00007ffb`d3c1fbec : 00000000`00000000 00000000`00000000 000004f0`fffffb30 000004d0`fffffb30 : KERNEL32!BaseThreadInitThunk+0x17000000ab`87b8ff10 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!RtlUserThreadStart+0x2c