Unpatched.ai can make mistakes. Public reports may be added, updated, or removed at any time.
Report ID: 2024-242
An improper input validation issue exists in Microsoft Access, specifically MSACCESS.EXE version 16.0.18025.20214 when opening a specially crafted file. By sending a target the file and convincing them to open it, an attacker could unlikely gain Remote Code Execution (RCE) on the target's computer due to the unpatched issue. However, even if RCE isn't achieved, the crash could result in Denial of Service (DoS) for the target application. In addition, likely due to how Microsoft Access handles recent files, file recovery, and file repair, it is possible the issue could result in a persistent DoS attack, where the application will continue to crash, even after reboot by the target.
ExceptionAddress: 00007ff74c5f9df7 (msaccess!AccessLoadString+0x0000000000043047) ExceptionCode: c0000005 (Access violation) ExceptionFlags: 00000000NumberParameters: 2 Parameter[0]: 0000000000000000 Parameter[1]: 0000000000000008Attempt to read from address 0000000000000008Child-SP RetAddr : Args to Child : Call Site000000b9`ad8ef260 00007ff7`4c5e4256 : 00000000`00000001 00000240`e1f1d888 00007ff7`4cbf7950 00000000`00000200 : msaccess!AccessLoadString+0x43047000000b9`ad8f0e60 00007ff7`4c5dc456 : 000000b9`ad8f1008 00000000`0000002c 000000b9`ad8f1008 00000000`00000000 : msaccess!AccessLoadString+0x2d4a6000000b9`ad8f0fc0 00007ff7`4c5dcb40 : 00000240`e1f31b78 000000b9`ad8f1ec8 000000b9`ad8f1ec8 00000000`00009d42 : msaccess!AccessLoadString+0x256a6000000b9`ad8f1e80 00007ff7`4c5dcb40 : 000000b9`ad8f2d88 00000240`d0c6a860 000000b9`ad8f2d88 00000000`00000004 : msaccess!AccessLoadString+0x25d90000000b9`ad8f2d40 00007ff7`4c5e3f86 : 00000240`88591f70 00000000`0000000c 000000b9`ad8f5d70 00000000`00000001 : msaccess!AccessLoadString+0x25d90000000b9`ad8f3c00 00007ff7`4c5e340d : 00000000`00000000 00000000`00000000 00000240`ca2e9fb2 00000000`00000001 : msaccess!AccessLoadString+0x2d1d6000000b9`ad8f43c0 00007ff7`4c5dba62 : 00000000`10000102 00000240`d0c6a860 00000000`00008000 00000000`00000000 : msaccess!AccessLoadString+0x2c65d000000b9`ad8f5cc0 00007ff7`4c390d0e : 00000240`d0c6a860 00000240`e0c9ffa8 00000240`d0c6a860 00000240`d0c6a860 : msaccess!AccessLoadString+0x24cb2000000b9`ad8f60e0 00007ff7`4c390ba1 : 00007ffb`0443423c 00007ffb`d3b45f8b 00007ff7`4c853cfc 00007ff7`4c635c7c : msaccess!SizeCallback+0xdb8ee000000b9`ad8f62d0 00007ff7`4c85ad77 : 00000000`00000000 00000240`ca2e9fb2 000000b9`ad8f6888 00000000`00000005 : msaccess!SizeCallback+0xdb781000000b9`ad8f6330 00007ff7`4c85b8a0 : 00000240`d0c6a860 00000000`00000000 00000240`c9148fd0 00000240`d0c6a860 : msaccess!FUniqueIndexTableFieldEx+0xfc247000000b9`ad8f67c0 00007ff7`4c81dc50 : 00000240`d0c6a860 000000b9`ad8f68a0 00000000`00000000 00000240`b5ebdf00 : msaccess!FUniqueIndexTableFieldEx+0xfcd70000000b9`ad8f6850 00007ff7`4c850956 : 00000240`c9148fd0 00000000`00008000 00000240`d285af40 00000000`00000000 : msaccess!FUniqueIndexTableFieldEx+0xbf120000000b9`ad8f68d0 00007ff7`4c63536d : 00000240`ca2e9fa8 00000000`00000000 00000240`dbdc4f90 00000000`ffffffef : msaccess!FUniqueIndexTableFieldEx+0xf1e26000000b9`ad8f6930 00007ffb`04467504 : 00000000`00000000 00000240`dbdc4f90 000000b9`ad8f6980 00000240`c91c0f90 : msaccess!AccessLoadString+0x7e5bd000000b9`ad8f6960 00007ffb`0441e8b5 : 00000000`00000000 00000000`00000000 00000240`dbdc4e78 00000000`00000000 : VBE7!CProjitemDocument::LoadDocItem+0x58000000b9`ad8f69a0 00007ffb`045cf624 : 00000000`00000000 00000000`00000000 00000240`dbd02498 00000000`00000001 : VBE7!HostGetBaseClassTypeInfo3+0xf5000000b9`ad8f6a00 00007ffb`045cb071 : 00000240`d78309d0 000000b9`ad8f6c88 000000b9`ad8f6f80 00000240`88410000 : VBE7!IMPMGR::HookUpBaseTypeInfo+0xb8000000b9`ad8f6a70 00007ffb`045cad91 : 00000240`d78309d0 00007ffb`00000010 00000240`88410000 00000000`00000000 : VBE7!IMPMGR::LoadTypeInfo+0xe5000000b9`ad8f6ab0 00007ffb`045cbbc4 : 00000240`d78309d0 00000000`00000010 00000240`00000000 000000b9`ad8f6b88 : VBE7!IMPMGR::GetTypeInfo+0xcd000000b9`ad8f6b20 00007ffb`045cc1e1 : 00000240`d78309d0 00007ffb`00000000 000000b9`ad8f6b88 000000b9`ad8f6c88 : VBE7!IMPMGR::GetCoClassTypeInfoOfBase+0x78000000b9`ad8f6b60 00007ffb`045cf3ed : 00000240`d78309d0 000000b9`ad8f6cd8 000000b9`ad8f6cf0 00000001`00000001 : VBE7!IMPMGR::GetBaseTypeInfoAttribute+0x65000000b9`ad8f6cb0 00007ffb`0456b8a3 : 00000240`d78309d0 00000240`e0c97be0 000000b9`ad8f6db0 00000240`bd14bfd0 : VBE7!IMPMGR::Write+0x1f5000000b9`ad8f6d00 00007ffb`045738a5 : 00000240`bc020c40 00000240`e0c97be0 00000240`00000000 00000240`b239ff60 : VBE7!BASIC_TYPEROOT::WriteParts+0x583000000b9`ad8f6dc0 00007ffb`04573430 : 00000240`bc020c40 00000240`e0c97be0 00000240`00000000 000000b9`ad8f6e28 : VBE7!BASIC_TYPEROOT::WriteToStream+0xe5000000b9`ad8f6e00 00007ffb`04545292 : 00000240`bc020c40 00000240`d65eef00 000000b9`ad8f7160 000000b9`ad8f74b8 : VBE7!BASIC_TYPEROOT::Write+0x1b0000000b9`ad8f6f40 00007ffb`04544c3a : 00000240`d3a7bf80 00000240`d65eef00 000000b9`ad8f0002 00000240`00000001 : VBE7!ExecProj::SaveModule+0x32a000000b9`ad8f7590 00007ffb`0443423c : 00000240`d3a7bf80 00000000`00000000 000000b9`00000001 00000240`d0c6a860 : VBE7!ExecProj::Save+0x1da000000b9`ad8f7bc0 00007ff7`4c6377a8 : 00000240`dbcfcf38 00007ffb`0445e621 00000240`d152b8b0 00000240`dbcfcf38 : VBE7!Project::StgSave+0x134000000b9`ad8f7ca0 00007ff7`4c853cfc : 00000000`00000000 00000000`00000000 00000240`dbcfcf38 00000240`dbcfcf38 : msaccess!AccessLoadString+0x809f8000000b9`ad8f7d10 00007ff7`4c635c7c : 00000240`d285af40 00000000`00000000 00000000`00000000 00000000`00000001 : msaccess!FUniqueIndexTableFieldEx+0xf51cc000000b9`ad8f7de0 00007ff7`4c851808 : 00000240`d285af70 00000000`80004005 00000240`d285af40 00000000`00000000 : msaccess!AccessLoadString+0x7eecc000000b9`ad8f81d0 00007ff7`4c852164 : 00000240`d285af40 000000b9`ad8f8320 00000000`00000000 00000240`00000000 : msaccess!FUniqueIndexTableFieldEx+0xf2cd8000000b9`ad8f8280 00007ff7`4c817f3b : 00000000`00000000 00000240`c7a4cfa0 00000000`00000001 00000000`00000001 : msaccess!FUniqueIndexTableFieldEx+0xf3634000000b9`ad8f8320 00007ff7`4c0ad6f0 : 00000240`9b8ffec0 00000240`9b8ffec0 00000240`9b8ffec0 00000000`00000000 : msaccess!FUniqueIndexTableFieldEx+0xb940b000000b9`ad8f8460 00007ff7`4c925b8f : 00000000`00000000 00000240`9b8ffec0 00000000`00000000 00000000`00000000 : msaccess!ReleaseAccessIconResource+0x331f0000000b9`ad8f84a0 00007ff7`4c0b0a7e : 00000240`9418cd70 000000b9`ad8f8ba0 00000240`9418cd70 00000000`00000000 : msaccess!OpenHscrEmbedded+0x79b1f000000b9`ad8f8660 00007ff7`4c0a1de6 : 000000b9`ad8f8810 000000b9`ad8f8948 00000240`acc5af70 000000b9`ad8f8948 : msaccess!ReleaseAccessIconResource+0x3657e000000b9`ad8f87b0 00007ff7`4c246d2e : 000000b9`ad8f8ba0 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!ReleaseAccessIconResource+0x278e6000000b9`ad8f88d0 00007ff7`4c242e71 : 000000b9`ad8fc770 00000000`00000000 00007ffb`d3b40000 000000b9`ad8fe0b0 : msaccess!MSAU_ErrSortStringArray+0x345ce000000b9`ad8fc710 00007ff7`4c23cbab : 00000000`00000105 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x30711000000b9`ad8fdfc0 00007ff7`4c24374a : 00000000`00000000 00000000`00000000 00000000`00000001 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x2a44b000000b9`ad8ff6a0 00007ff7`4c50030b : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x30fea000000b9`ad8ffbc0 00007ff7`4c50140e : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!GetAccessIntellisenseManager+0x5c8cb000000b9`ad8ffd60 00007ff7`4c072612 : 00000000`0000000a 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!GetAccessIntellisenseManager+0x5d9ce000000b9`ad8ffe40 00007ffb`d27bdbe7 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!Ordinal59+0x12612000000b9`ad8ffe80 00007ffb`d3c1fbec : 00000000`00000000 00000000`00000000 000004f0`fffffb30 000004d0`fffffb30 : KERNEL32!BaseThreadInitThunk+0x17000000b9`ad8ffeb0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!RtlUserThreadStart+0x2c