Unpatched.ai can make mistakes. Public reports may be added, updated, or removed at any time.
Report ID: 2024-255
An improper input validation issue exists in Microsoft Access, specifically MSACCESS.EXE version 16.0.18227.20162 when opening a specially crafted file. By sending a target the file and convincing them to open it, an attacker could unlikely gain Remote Code Execution (RCE) on the target's computer due to the unpatched issue. However, even if RCE isn't achieved, the crash could result in Denial of Service (DoS) for the target application. In addition, likely due to how Microsoft Access handles recent files, file recovery, and file repair, it is possible the issue could result in a persistent DoS attack, where the application will continue to crash, even after reboot by the target.
ExceptionAddress: 00007fffbcc4fd6d (mso20win32client!CrashWithRecovery+0x000000000000004d) ExceptionCode: c0000005 (Access violation) ExceptionFlags: 00000000NumberParameters: 2 Parameter[0]: 0000000000000001 Parameter[1]: 0000000000000000Attempt to write to address 0000000000000000Child-SP RetAddr : Args to Child : Call Site000000cc`434eff80 00007fff`bce71b66 : 00000203`01483052 00000000`00000000 00000000`00000000 00000000`00000000 : mso20win32client!CrashWithRecovery+0x4d000000cc`434effe0 00007ff8`726f1ee9 : 00000000`00000016 00000203`39687888 00000000`00000000 00000000`00000016 : mso20win32client!EnableAbortRedirectLiblet::Uninit+0x93000000cc`434f0050 00007ff8`726d5011 : 00000203`396ab801 00000203`00000000 00000000`00000000 000000cc`434f0100 : ucrtbase!raise+0x1d9000000cc`434f00d0 00007ff7`0c56e0ba : 00007fff`00000003 00000000`00000003 ffffffff`fffffffe 00000203`1268cff0 : ucrtbase!abort+0x31000000cc`434f0100 00007ff8`726f1f37 : 00000203`396ab888 00000203`39687888 00000000`00000000 00000203`1d65cf00 : msaccess!SetEnumIntlView+0x202a000000cc`434f0130 00007ff7`0c5c7ed1 : 00000203`396ab888 00007fff`bd22c560 00000203`39687888 00000000`00000084 : ucrtbase!terminate+0x17000000cc`434f0160 00007ff7`0c5ca322 : 00000203`396ab888 00000000`00000000 00000000`00000084 00007fff`b5a785b4 : msaccess!SizeCallback+0x513e1000000cc`434f0190 00007ff7`0c89f79e : 000000cc`434f0238 00000203`25f34860 00000000`00000084 00000000`000003a2 : msaccess!SizeCallback+0x53832000000cc`434f01f0 00007ff7`0c89f846 : 00000203`1d65eff0 000000cc`434f1108 000000cc`434f1108 00000000`000003ef : msaccess!AccessLoadString+0x25afe000000cc`434f10c0 00007ff7`0c89f846 : 00000203`396a1d38 000000cc`434f1fd8 000000cc`434f1fd8 00000000`00000000 : msaccess!AccessLoadString+0x25ba6000000cc`434f1f90 00007ff7`0c89f846 : 00000203`0db1aff0 000000cc`434f2ea8 000000cc`434f2ea8 00000000`00000006 : msaccess!AccessLoadString+0x25ba6000000cc`434f2e60 00007ff7`0c8a6d2a : 00000000`0000000c 00000203`54163f70 000000cc`434f5ea0 00000000`00000001 : msaccess!AccessLoadString+0x25ba6000000cc`434f3d30 00007ff7`0c8a61a8 : 00000000`00000000 00000000`00000000 00000203`1b948fd6 00000000`00000001 : msaccess!AccessLoadString+0x2d08a000000cc`434f44f0 00007ff7`0c89e772 : 00000000`10000102 00000203`25f34860 00000000`00008004 00000000`00000000 : msaccess!AccessLoadString+0x2c508000000cc`434f5df0 00007ff7`0c652af6 : 00000203`25f34860 00000203`3af16fa8 00000203`5d951ec0 00000203`25f34860 : msaccess!AccessLoadString+0x24ad2000000cc`434f6210 00007ff7`0c652989 : 00007fff`b56e423c 00007ff8`74ec5f8b 00007ff7`0cb17b46 00007ff7`0c8f8d91 : msaccess!SizeCallback+0xdc006000000cc`434f6400 00007ff7`0cb1ebc3 : 00000000`00000000 00000203`1b948fd6 000000cc`434f69b8 00000000`0000001a : msaccess!SizeCallback+0xdbe99000000cc`434f6460 00007ff7`0cb1f70c : 00000203`25f34860 00000000`00000000 00000203`35f76fd0 00000203`25f34860 : msaccess!FUniqueIndexTableFieldEx+0xfcb63000000cc`434f68f0 00007ff7`0cae155c : 00000203`25f34860 000000cc`434f69d0 00000000`00000000 00000203`0043ef00 : msaccess!FUniqueIndexTableFieldEx+0xfd6ac000000cc`434f6980 00007ff7`0cb147a6 : 00000203`35f76fd0 00000000`00008004 00000203`0c210f40 00000000`00000000 : msaccess!FUniqueIndexTableFieldEx+0xbf4fc000000cc`434f6a00 00007ff7`0c8f847d : 00000203`1b948fc8 00000000`00000000 00000203`31705f90 00000000`ffffffef : msaccess!FUniqueIndexTableFieldEx+0xf2746000000cc`434f6a60 00007fff`b5717504 : 00000000`00000000 00000203`31705f90 000000cc`434f6ab0 00000203`006bef90 : msaccess!AccessLoadString+0x7e7dd000000cc`434f6a90 00007fff`b56ce8b5 : 00000000`00000000 00000000`00000000 00000203`31705e78 00000000`00000000 : VBE7!CProjitemDocument::LoadDocItem+0x58000000cc`434f6ad0 00007fff`b587f624 : 00000000`00000000 00000000`00000000 00000203`315a4498 00000000`00000001 : VBE7!HostGetBaseClassTypeInfo3+0xf5000000cc`434f6b30 00007fff`b587b071 : 00000203`363049d0 000000cc`434f6db8 000000cc`434f70a0 00000203`53fe0000 : VBE7!IMPMGR::HookUpBaseTypeInfo+0xb8000000cc`434f6ba0 00007fff`b587ad91 : 00000203`363049d0 00007ff8`00000010 00000203`53fe0000 00000000`00000000 : VBE7!IMPMGR::LoadTypeInfo+0xe5000000cc`434f6be0 00007fff`b587bbc4 : 00000203`363049d0 00000000`00000010 00000203`00000000 000000cc`434f6cb8 : VBE7!IMPMGR::GetTypeInfo+0xcd000000cc`434f6c50 00007fff`b587c1e1 : 00000203`363049d0 00007ff8`00000000 000000cc`434f6cb8 000000cc`434f6db8 : VBE7!IMPMGR::GetCoClassTypeInfoOfBase+0x78000000cc`434f6c90 00007fff`b587f3ed : 00000203`363049d0 000000cc`434f6e08 000000cc`434f6e20 00000001`00000001 : VBE7!IMPMGR::GetBaseTypeInfoAttribute+0x65000000cc`434f6de0 00007fff`b581b8a3 : 00000203`363049d0 00000203`3af0ebe0 000000cc`434f6ee0 00000203`24367fd0 : VBE7!IMPMGR::Write+0x1f5000000cc`434f6e30 00007fff`b58238a5 : 00000203`1b96ac40 00000203`3af0ebe0 00000203`00000000 00000203`3af0af60 : VBE7!BASIC_TYPEROOT::WriteParts+0x583000000cc`434f6ef0 00007fff`b5823430 : 00000203`1b96ac40 00000203`3af0ebe0 00000203`00000000 000000cc`434f6f58 : VBE7!BASIC_TYPEROOT::WriteToStream+0xe5000000cc`434f6f30 00007fff`b57f5292 : 00000203`1b96ac40 00000203`0f502f00 000000cc`434f7280 000000cc`434f75e8 : VBE7!BASIC_TYPEROOT::Write+0x1b0000000cc`434f7070 00007fff`b57f4c3a : 00000203`2cb3ef80 00000203`0f502f00 000000cc`434f000c 00000203`00000001 : VBE7!ExecProj::SaveModule+0x32a000000cc`434f76c0 00007fff`b56e423c : 00000203`2cb3ef80 00000000`00000000 000000cc`00000001 00000203`25f34860 : VBE7!ExecProj::Save+0x1da000000cc`434f7cf0 00007ff7`0c8fa8b8 : 00000203`3159ef38 00007fff`b570e621 00000203`2cb438b0 00000203`3159ef38 : VBE7!Project::StgSave+0x134000000cc`434f7dd0 00007ff7`0cb17b46 : 00000000`00000000 00000000`00000000 00000203`3159ef38 00000203`3159ef38 : msaccess!AccessLoadString+0x80c18000000cc`434f7e40 00007ff7`0c8f8d91 : 00000203`0c210f40 00000000`00000000 00000000`00000000 00000000`00000001 : msaccess!FUniqueIndexTableFieldEx+0xf5ae6000000cc`434f7f10 00007ff7`0cb15658 : 00000203`0c210f70 00000000`80004005 00000203`0c210f40 00000000`00000000 : msaccess!AccessLoadString+0x7f0f1000000cc`434f8300 00007ff7`0cb15fac : 00000203`0c210f40 000000cc`434f8450 00000000`00000000 00000203`00000000 : msaccess!FUniqueIndexTableFieldEx+0xf35f8000000cc`434f83b0 00007ff7`0cadb86c : 00000000`00000000 00000000`00000001 00000203`5d951ec0 00000000`00000001 : msaccess!FUniqueIndexTableFieldEx+0xf3f4c000000cc`434f8450 00007ff7`0c36edd0 : 00000203`5d951ec0 00000203`5d951ec0 00000203`5d951ec0 00000000`00000000 : msaccess!FUniqueIndexTableFieldEx+0xb980c000000cc`434f8580 00007ff7`0cbe95da : 00000000`00000000 00000203`5d951ec0 00000000`00000000 00000000`00000000 : msaccess!ReleaseAccessIconResource+0x33150000000cc`434f85c0 00007ff7`0c3720f1 : 00000000`00000002 000000cc`434f8af0 00000000`00000002 00000000`00000000 : msaccess!OpenHscrEmbedded+0x7972a000000cc`434f8780 00007ff7`0c36348e : 000000cc`434f8920 000000cc`434f8a58 00000203`1eadef70 000000cc`434f8a58 : msaccess!ReleaseAccessIconResource+0x36471000000cc`434f88c0 00007ff7`0c508775 : 000000cc`434f8af0 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!ReleaseAccessIconResource+0x2780e000000cc`434f89e0 00007ff7`0c504855 : 000000cc`434fc6c0 00000000`00000000 00007ff8`74f9fbcc 000000cc`434fe000 : msaccess!MSAU_ErrSortStringArray+0x34605000000cc`434fc660 00007ff7`0c4fe5e7 : 00000000`00000105 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x306e5000000cc`434fdf10 00007ff7`0c50512a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000001 : msaccess!MSAU_ErrSortStringArray+0x2a477000000cc`434ff5f0 00007ff7`0c7c2e8f : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x30fba000000cc`434ffb10 00007ff7`0c7c3fa5 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!GetAccessIntellisenseManager+0x5cdef000000cc`434ffcb0 00007ff7`0c333c72 : 00000000`0000000a 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!GetAccessIntellisenseManager+0x5df05000000cc`434ffd90 00007ff8`72f7e8d7 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!Ordinal59+0x13c72000000cc`434ffdd0 00007ff8`74f9fbcc : 00000000`00000000 00000000`00000000 000004f0`fffffb30 000004d0`fffffb30 : KERNEL32!BaseThreadInitThunk+0x17000000cc`434ffe00 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!RtlUserThreadStart+0x2c