Unpatched.ai can make mistakes. Public reports may be added, updated, or removed at any time.
Report ID: 2024-251
An improper input validation issue exists in Microsoft Access, specifically MSACCESS.EXE version 16.0.18227.20162 when opening a specially crafted file. By sending a target the file and convincing them to open it, an attacker could unlikely gain Remote Code Execution (RCE) on the target's computer due to the unpatched issue. However, even if RCE isn't achieved, the crash could result in Denial of Service (DoS) for the target application. In addition, likely due to how Microsoft Access handles recent files, file recovery, and file repair, it is possible the issue could result in a persistent DoS attack, where the application will continue to crash, even after reboot by the target.
ExceptionAddress: 00007fffbcc4fd6d (mso20win32client!CrashWithRecovery+0x000000000000004d) ExceptionCode: c0000005 (Access violation) ExceptionFlags: 00000000NumberParameters: 2 Parameter[0]: 0000000000000001 Parameter[1]: 0000000000000000Attempt to write to address 0000000000000000Child-SP RetAddr : Args to Child : Call Site00000029`37ef6fb0 00007fff`bce71b66 : 0000013e`01483052 00000000`00000000 00000000`00000000 00000000`00000000 : mso20win32client!CrashWithRecovery+0x4d00000029`37ef7010 00007ff8`726f1ee9 : 00000000`00000016 00000000`00000000 0000013e`7e870000 00000000`00000016 : mso20win32client!EnableAbortRedirectLiblet::Uninit+0x9300000029`37ef7080 00007ff8`726d5011 : 00000000`23000001 00000000`00000000 00000000`00000000 00000029`37ef7130 : ucrtbase!raise+0x1d900000029`37ef7100 00007ff7`0c56e0ba : 00007fff`00000003 00000000`00000003 ffffffff`fffffffe 0000013e`580ddff0 : ucrtbase!abort+0x3100000029`37ef7130 00007ff8`726f1f37 : 00000000`23000002 00000000`00000000 00000000`00000006 00000000`23000002 : msaccess!SetEnumIntlView+0x202a00000029`37ef7160 00007ff7`0c3778a9 : 00000000`23000002 00007fff`bd22c560 00000000`00000000 0000013e`3e914fc8 : ucrtbase!terminate+0x1700000029`37ef7190 00007ff7`0c378d5a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!JETESLoadProjectTypeLib+0x412900000029`37ef71d0 00007ff7`0c377d34 : 0000013e`3e914f60 0000013e`3737ef90 00003964`f1094c84 00000000`00000000 : msaccess!JETESLoadProjectTypeLib+0x55da00000029`37ef7230 00007ff7`0c3772c1 : 0000013e`4fbeffe0 0000013e`4fbeffe0 00000029`37ef7340 00000029`37efff10 : msaccess!JETESLoadProjectTypeLib+0x45b400000029`37ef7260 00007ff7`0c3773fd : 00000000`00008000 00000029`37ef8630 00000000`00000000 00007ff7`0cfa6168 : msaccess!JETESLoadProjectTypeLib+0x3b4100000029`37ef7290 00007ff7`0c361a93 : 00000029`37ef7340 0000013e`3ad61f30 00000000`00000000 00000029`37ef7800 : msaccess!JETESLoadProjectTypeLib+0x3c7d00000029`37ef72d0 00007ff7`0c361caf : 0000013e`3d1c1fd0 0000013e`3ad61f38 00000029`37ef7800 00000029`37ef73b8 : msaccess!ReleaseAccessIconResource+0x25e1300000029`37ef7300 00007ff7`0c3614af : 00000000`08000001 00000000`00000000 00000000`00000005 00007ff8`7286b591 : msaccess!ReleaseAccessIconResource+0x2602f00000029`37ef7490 00007ff7`0c35d949 : 0000013e`3ad61f30 0000013e`53ff2fe8 00000000`00000000 00000000`00000411 : msaccess!ReleaseAccessIconResource+0x2582f00000029`37ef76e0 00007ff7`0cbd01f7 : 0000013e`00000001 00000000`00000000 00000000`00008000 00000000`00000000 : msaccess!ReleaseAccessIconResource+0x21cc900000029`37ef7750 00007ff7`0cc0ef2a : 00000029`00000000 00000000`00000000 00000029`37ef8630 00000000`00000000 : msaccess!OpenHscrEmbedded+0x6034700000029`37ef77c0 00007ff7`0c9bedca : 00000001`00000001 00007ff7`0cc12828 00000001`00000001 00000029`37ef7f10 : msaccess!OpenHscrEmbedded+0x9f07a00000029`37ef79a0 00007ff7`0c822558 : 00000000`00000005 00000029`37ef8860 00000000`000007d1 00000000`00008000 : msaccess!OpenHscr+0x1037a00000029`37ef7a10 00007ff7`0c4f1aa6 : 00000000`f229a6a0 00000029`37ef8860 00000000`00000001 00000029`37ef8860 : msaccess!MSAU_GetSizeList+0x3f10800000029`37ef85e0 00007ff7`0c4e936f : 00000000`00000001 00000000`00000016 00000000`00000001 00000029`37ef8860 : msaccess!MSAU_ErrSortStringArray+0x1d93600000029`37ef8760 00007ff7`0c5091d6 : 0000013e`61c4afe0 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x151ff00000029`37ef8b00 00007ff7`0c504855 : 00000029`37efc7e0 00000000`00000000 00007ff8`74f9fbcc 00000029`37efe120 : msaccess!MSAU_ErrSortStringArray+0x3506600000029`37efc780 00007ff7`0c4fe5e7 : 00000000`00000105 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x306e500000029`37efe030 00007ff7`0c50512a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000001 : msaccess!MSAU_ErrSortStringArray+0x2a47700000029`37eff710 00007ff7`0c7c2e8f : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x30fba00000029`37effc30 00007ff7`0c7c3fa5 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!GetAccessIntellisenseManager+0x5cdef00000029`37effdd0 00007ff7`0c333c72 : 00000000`0000000a 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!GetAccessIntellisenseManager+0x5df0500000029`37effeb0 00007ff8`72f7e8d7 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!Ordinal59+0x13c7200000029`37effef0 00007ff8`74f9fbcc : 00000000`00000000 00000000`00000000 000004f0`fffffb30 000004d0`fffffb30 : KERNEL32!BaseThreadInitThunk+0x1700000029`37efff20 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!RtlUserThreadStart+0x2c