Unpatched.ai can make mistakes. Public reports may be added, updated, or removed at any time.
Report ID: 2024-257
An improper input validation issue exists in Microsoft Access, specifically MSACCESS.EXE version 16.0.18227.20162 when opening a specially crafted file. By sending a target the file and convincing them to open it, an attacker could unlikely gain Remote Code Execution (RCE) on the target's computer due to the unpatched issue. However, even if RCE isn't achieved, the crash could result in Denial of Service (DoS) for the target application. In addition, likely due to how Microsoft Access handles recent files, file recovery, and file repair, it is possible the issue could result in a persistent DoS attack, where the application will continue to crash, even after reboot by the target.
ExceptionAddress: 00007fffbcc4fd6d (mso20win32client!CrashWithRecovery+0x000000000000004d) ExceptionCode: c0000005 (Access violation) ExceptionFlags: 00000000NumberParameters: 2 Parameter[0]: 0000000000000001 Parameter[1]: 0000000000000000Attempt to write to address 0000000000000000Child-SP RetAddr : Args to Child : Call Site000000b9`f5fd3bf0 00007fff`bce71b66 : 000001ee`01483052 00000000`00000000 00000000`00000000 00000000`00000000 : mso20win32client!CrashWithRecovery+0x4d000000b9`f5fd3c50 00007ff8`726f1ee9 : 00000000`00000016 00000000`00000000 00000000`00000000 00000000`00000016 : mso20win32client!EnableAbortRedirectLiblet::Uninit+0x93000000b9`f5fd3cc0 00007ff8`726d5011 : 00000000`1a81a601 00000000`00000000 00000000`00000000 000000b9`f5fd3d70 : ucrtbase!raise+0x1d9000000b9`f5fd3d40 00007ff7`0c56e0ba : 00007fff`00000003 00000000`00000003 ffffffff`fffffffe 000001ee`c358dff0 : ucrtbase!abort+0x31000000b9`f5fd3d70 00007ff8`726f1f37 : 00000000`1a81a642 00000000`00000000 00000000`00000001 00000000`1a81a642 : msaccess!SetEnumIntlView+0x202a000000b9`f5fd3da0 00007ff7`0c3778a9 : 00000000`1a81a642 00007fff`bd22c560 00000000`00000000 000001ee`a9a9ffc8 : ucrtbase!terminate+0x17000000b9`f5fd3dd0 00007ff7`0c378d5a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!JETESLoadProjectTypeLib+0x4129000000b9`f5fd3e10 00007ff7`0c377d34 : 000001ee`a9a9ff60 000001ee`f4d91f90 00006165`1aa693ea 00000000`00000000 : msaccess!JETESLoadProjectTypeLib+0x55da000000b9`f5fd3e70 00007ff7`0c3772c1 : 000001ee`a9a9dfe0 000001ee`a9a9dfe0 000000b9`f5fd3f40 00000000`00000000 : msaccess!JETESLoadProjectTypeLib+0x45b4000000b9`f5fd3ea0 00007ff7`0c3773fd : 00000000`00000000 00000000`00008000 00000000`00000090 000001ee`bd437860 : msaccess!JETESLoadProjectTypeLib+0x3b41000000b9`f5fd3ed0 00007ff7`0c363183 : 000001ee`b488cfd0 000001ee`bd437860 000000b9`f5fd7160 00007ff7`0c370ead : msaccess!JETESLoadProjectTypeLib+0x3c7d000000b9`f5fd3f10 00007ff7`0c8a5f99 : 00000000`00000000 00000000`00000000 000000b9`f5fd41a0 00007ff8`73d85c55 : msaccess!ReleaseAccessIconResource+0x27503000000b9`f5fd4080 00007ff7`0c89e772 : 00000000`00000102 000001ee`bd437860 00000000`00008000 00000000`00000000 : msaccess!AccessLoadString+0x2c2f9000000b9`f5fd5980 00007ff7`0c652af6 : 00000000`00000000 00007ff7`0cbcbd57 00000000`00000000 00007ff8`74f3ee02 : msaccess!AccessLoadString+0x24ad2000000b9`f5fd5da0 00007ff7`0c652989 : 000000b9`f5fd7160 00007ff7`0c685d6e 00000000`00000080 00000000`00000001 : msaccess!SizeCallback+0xdc006000000b9`f5fd5f90 00007ff7`0c64b6d8 : 00000000`00000080 000001ee`bd437860 00000000`00000202 00000000`00000000 : msaccess!SizeCallback+0xdbe99000000b9`f5fd5ff0 00007ff7`0c64d0d9 : 00000000`00000004 00000000`00000080 000000b9`f5fd7f90 00000000`00000202 : msaccess!SizeCallback+0xd4be8000000b9`f5fd72c0 00007ff7`0c8227c2 : 00000000`00000000 000000b9`f5fd81c0 00000000`000007d1 00000000`00008000 : msaccess!SizeCallback+0xd65e9000000b9`f5fd7370 00007ff7`0c4f1aa6 : 00000000`f229a6a0 000000b9`f5fd81c0 00000000`00000001 000000b9`f5fd81c0 : msaccess!MSAU_GetSizeList+0x3f372000000b9`f5fd7f40 00007ff7`0c4e936f : 00000000`00000001 00000000`00000016 00000000`00000001 000000b9`f5fd81c0 : msaccess!MSAU_ErrSortStringArray+0x1d936000000b9`f5fd80c0 00007ff7`0c5091d6 : 000001ee`cc72ffe0 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x151ff000000b9`f5fd8460 00007ff7`0c504855 : 000000b9`f5fdc140 00000000`00000000 00007ff8`74f9fbcc 000000b9`f5fdda80 : msaccess!MSAU_ErrSortStringArray+0x35066000000b9`f5fdc0e0 00007ff7`0c4fe5e7 : 00000000`00000105 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x306e5000000b9`f5fdd990 00007ff7`0c50512a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000001 : msaccess!MSAU_ErrSortStringArray+0x2a477000000b9`f5fdf070 00007ff7`0c7c2e8f : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x30fba000000b9`f5fdf590 00007ff7`0c7c3fa5 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!GetAccessIntellisenseManager+0x5cdef000000b9`f5fdf730 00007ff7`0c333c72 : 00000000`0000000a 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!GetAccessIntellisenseManager+0x5df05000000b9`f5fdf810 00007ff8`72f7e8d7 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!Ordinal59+0x13c72000000b9`f5fdf850 00007ff8`74f9fbcc : 00000000`00000000 00000000`00000000 000004f0`fffffb30 000004d0`fffffb30 : KERNEL32!BaseThreadInitThunk+0x17000000b9`f5fdf880 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!RtlUserThreadStart+0x2c