Unpatched.ai can make mistakes. Public reports may be added, updated, or removed at any time.
Report ID: 2024-246
An improper input validation issue exists in Microsoft Access, specifically MSACCESS.EXE version 16.0.18227.20162 when opening a specially crafted file. By sending a target the file and convincing them to open it, an attacker could unlikely gain Remote Code Execution (RCE) on the target's computer due to the unpatched issue. However, even if RCE isn't achieved, the crash could result in Denial of Service (DoS) for the target application. In addition, likely due to how Microsoft Access handles recent files, file recovery, and file repair, it is possible the issue could result in a persistent DoS attack, where the application will continue to crash, even after reboot by the target.
ExceptionAddress: 00007fffbcc4fd6d (mso20win32client!CrashWithRecovery+0x000000000000004d) ExceptionCode: c0000005 (Access violation) ExceptionFlags: 00000000NumberParameters: 2 Parameter[0]: 0000000000000001 Parameter[1]: 0000000000000000Attempt to write to address 0000000000000000Child-SP RetAddr : Args to Child : Call Site000000b3`832f7840 00007fff`bce71b66 : 000001bf`01483052 00000000`00000000 00000000`00000000 00000000`00000000 : mso20win32client!CrashWithRecovery+0x4d000000b3`832f78a0 00007ff8`726f1ee9 : 00000000`00000016 00000000`00000000 00000000`00000000 00000000`00000016 : mso20win32client!EnableAbortRedirectLiblet::Uninit+0x93000000b3`832f7910 00007ff8`726d5011 : 000001bf`5cff5f01 00000000`00000000 00000000`00000000 000000b3`832f79c0 : ucrtbase!raise+0x1d9000000b3`832f7990 00007ff7`0c56e0ba : 00007fff`00000003 00000000`00000003 ffffffff`fffffffe 000001bf`64cccff0 : ucrtbase!abort+0x31000000b3`832f79c0 00007ff8`726f1f37 : 000001bf`5cff5fc8 00000000`00000000 00000000`0b02621c 00000000`0b02621b : msaccess!SetEnumIntlView+0x202a000000b3`832f79f0 00007ff7`0c37771a : 000001bf`5cff5fc8 00007fff`bd22c560 00000000`00000000 00000000`10839328 : ucrtbase!terminate+0x17000000b3`832f7a20 00007ff7`0c378d9a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!JETESLoadProjectTypeLib+0x3f9a000000b3`832f7a70 00007ff7`0c377d34 : 000001bf`5cff5f60 000001bf`419e9f90 000049d2`dd1fce43 00000000`00000000 : msaccess!JETESLoadProjectTypeLib+0x561a000000b3`832f7ad0 00007ff7`0c3772c1 : 000001bf`5cff3fe0 000001bf`5cff3fe0 00000000`00000000 000000b3`832f7d10 : msaccess!JETESLoadProjectTypeLib+0x45b4000000b3`832f7b00 00007ff7`0c37c336 : 00000000`00000001 000000b3`00000000 000000b3`00000001 000000b3`832f7d10 : msaccess!JETESLoadProjectTypeLib+0x3b41000000b3`832f7b30 00007ff7`0cbc2d9b : 000000b3`00000001 00000000`00000000 000000b3`832f7d10 00007ff7`0cdd4f92 : msaccess!JETESLoadProjectTypeLib+0x8bb6000000b3`832f7b60 00007ff7`0c35d452 : 00000000`00000000 000000b3`832f7d10 000001bf`65605f40 00000000`00008004 : msaccess!OpenHscrEmbedded+0x52eeb000000b3`832f7ba0 00007ff7`0c807e72 : 00007ff7`0c35d410 00000000`00000000 00000000`00008004 000001bf`74e52f90 : msaccess!ReleaseAccessIconResource+0x217d2000000b3`832f7be0 00007ff7`0c808a15 : 000001bf`0d0e0000 000001bf`00000000 00000000`00000000 000000b3`832f80b8 : msaccess!MSAU_GetSizeList+0x24a22000000b3`832f7ce0 00007ff7`0c809946 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!MSAU_GetSizeList+0x255c5000000b3`832f7fc0 00007ff7`0cd47988 : 000001bf`62004f30 00000000`00000000 000000b3`832f8110 00007ff7`0cd40f60 : msaccess!MSAU_GetSizeList+0x264f6000000b3`832f8010 00007ff7`0cd49d9e : 00000000`00000000 00000000`00000000 00000000`00000000 000001bf`0d773d88 : msaccess!OpenHscrEmbedded+0x1d7ad8000000b3`832f8350 00007ff7`0cd44006 : 00000000`00000000 000000b3`00000000 00000000`00000000 000001bf`293d01d0 : msaccess!OpenHscrEmbedded+0x1d9eee000000b3`832f8510 00007ff7`0cd44184 : 000000b3`00000002 000001bf`00000003 00000000`00000000 00000000`00000000 : msaccess!OpenHscrEmbedded+0x1d4156000000b3`832f8570 00007ff7`0c5090e9 : 000001bf`635aafe0 000000b3`832fc320 00000000`00000000 00000000`00000000 : msaccess!OpenHscrEmbedded+0x1d42d4000000b3`832f85a0 00007ff7`0c504855 : 000000b3`832fc280 00000000`00000000 00007ff8`74f9fbcc 000000b3`832fdbc0 : msaccess!MSAU_ErrSortStringArray+0x34f79000000b3`832fc220 00007ff7`0c4fe5e7 : 00000000`00000105 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x306e5000000b3`832fdad0 00007ff7`0c50512a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000001 : msaccess!MSAU_ErrSortStringArray+0x2a477000000b3`832ff1b0 00007ff7`0c7c2e8f : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x30fba000000b3`832ff6d0 00007ff7`0c7c3fa5 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!GetAccessIntellisenseManager+0x5cdef000000b3`832ff870 00007ff7`0c333c72 : 00000000`0000000a 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!GetAccessIntellisenseManager+0x5df05000000b3`832ff950 00007ff8`72f7e8d7 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!Ordinal59+0x13c72000000b3`832ff990 00007ff8`74f9fbcc : 00000000`00000000 00000000`00000000 000004f0`fffffb30 000004d0`fffffb30 : KERNEL32!BaseThreadInitThunk+0x17000000b3`832ff9c0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!RtlUserThreadStart+0x2c