Unpatched.ai can make mistakes. Public reports may be added, updated, or removed at any time.
Report ID: 2024-259
An improper input validation issue exists in Microsoft Access, specifically MSACCESS.EXE version 16.0.18227.20162 when opening a specially crafted file. By sending a target the file and convincing them to open it, an attacker could unlikely gain Remote Code Execution (RCE) on the target's computer due to the unpatched issue. However, even if RCE isn't achieved, the crash could result in Denial of Service (DoS) for the target application. In addition, likely due to how Microsoft Access handles recent files, file recovery, and file repair, it is possible the issue could result in a persistent DoS attack, where the application will continue to crash, even after reboot by the target.
ExceptionAddress: 00007fffbcc4fd6d (mso20win32client!CrashWithRecovery+0x000000000000004d) ExceptionCode: c0000005 (Access violation) ExceptionFlags: 00000000NumberParameters: 2 Parameter[0]: 0000000000000001 Parameter[1]: 0000000000000000Attempt to write to address 0000000000000000Child-SP RetAddr : Args to Child : Call Site000000be`472f01c0 00007fff`bce71b66 : 000002a0`01483052 00000000`00000000 00000000`00000000 00000000`00000000 : mso20win32client!CrashWithRecovery+0x4d000000be`472f0220 00007ff8`726f1ee9 : 00000000`00000016 000002a0`6302bb78 00000000`00000000 00000000`00000016 : mso20win32client!EnableAbortRedirectLiblet::Uninit+0x93000000be`472f0290 00007ff8`726d5011 : 000002a0`6302db01 000002a0`00000000 00000000`00000000 000000be`472f0340 : ucrtbase!raise+0x1d9000000be`472f0310 00007ff7`0c56e0ba : 00007fff`00000003 00000000`00000003 ffffffff`fffffffe 000002a0`426baff0 : ucrtbase!abort+0x31000000be`472f0340 00007ff8`726f1f37 : 000002a0`6302db78 000002a0`6302bb78 00000000`00000000 000002a0`63021778 : msaccess!SetEnumIntlView+0x202a000000be`472f0370 00007ff7`0c5c7ed1 : 000002a0`6302db78 00007fff`bd22c560 000002a0`6302bb78 00000000`00000083 : ucrtbase!terminate+0x17000000be`472f03a0 00007ff7`0c5ca322 : 000002a0`6302db78 00000000`00000000 00000000`00000083 000002a0`6302bb78 : msaccess!SizeCallback+0x513e1000000be`472f03d0 00007ff7`0c89f79e : 000000be`472f0478 000002a0`1bd50860 00000000`00000083 00000000`0000fa46 : msaccess!SizeCallback+0x53832000000be`472f0430 00007ff7`0c89f846 : 000002a0`63021778 000000be`472f1348 000000be`472f1348 00000000`0000fecd : msaccess!AccessLoadString+0x25afe000000be`472f1300 00007ff7`0c89f846 : 000002a0`63003bb8 000000be`472f2218 000000be`472f2218 00000000`00000008 : msaccess!AccessLoadString+0x25ba6000000be`472f21d0 00007ff7`0c89f846 : 000002a0`0ba91ff0 000000be`472f30e8 000000be`472f30e8 00000000`00000000 : msaccess!AccessLoadString+0x25ba6000000be`472f30a0 00007ff7`0c8a6d2a : 00000000`0000000c 000002a0`77d93f70 000000be`472f60e0 00000000`00000001 : msaccess!AccessLoadString+0x25ba6000000be`472f3f70 00007ff7`0c8a61a8 : 00000000`00000000 00000000`00000000 000000be`472f7810 00000000`00000001 : msaccess!AccessLoadString+0x2d08a000000be`472f4730 00007ff7`0c89e772 : 00000000`00000102 000002a0`1bd50860 00000000`00008000 00000000`00000000 : msaccess!AccessLoadString+0x2c508000000be`472f6030 00007ff7`0c652af6 : 00000000`00000000 00007ff7`0cbcbd57 000000be`472f64a0 000000be`472f69a0 : msaccess!AccessLoadString+0x24ad2000000be`472f6450 00007ff7`0c652989 : 000000be`472f7810 00007ff7`0c685d6e 00000000`00000080 00000000`00000001 : msaccess!SizeCallback+0xdc006000000be`472f6640 00007ff7`0c64b6d8 : 00000000`00000080 000002a0`1bd50860 00000000`00000202 00000000`00000000 : msaccess!SizeCallback+0xdbe99000000be`472f66a0 00007ff7`0c64d0d9 : 0000ea23`9fcaf6f3 00000000`00000080 000000be`472f8640 00000000`00000202 : msaccess!SizeCallback+0xd4be8000000be`472f7970 00007ff7`0c8227c2 : 00000000`00000000 000000be`472f8870 00000000`000007d1 00000000`00008000 : msaccess!SizeCallback+0xd65e9000000be`472f7a20 00007ff7`0c4f1aa6 : 00000000`f229a6a0 000000be`472f8870 00000000`00000001 000000be`472f8870 : msaccess!MSAU_GetSizeList+0x3f372000000be`472f85f0 00007ff7`0c4e936f : 00000000`00000001 00000000`00000016 00000000`00000001 000000be`472f8870 : msaccess!MSAU_ErrSortStringArray+0x1d936000000be`472f8770 00007ff7`0c5091d6 : 000002a0`0bc56fe0 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x151ff000000be`472f8b10 00007ff7`0c504855 : 000000be`472fc7f0 00000000`00000000 00007ff8`74f9fbcc 000000be`472fe130 : msaccess!MSAU_ErrSortStringArray+0x35066000000be`472fc790 00007ff7`0c4fe5e7 : 00000000`00000105 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x306e5000000be`472fe040 00007ff7`0c50512a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000001 : msaccess!MSAU_ErrSortStringArray+0x2a477000000be`472ff720 00007ff7`0c7c2e8f : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x30fba000000be`472ffc40 00007ff7`0c7c3fa5 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!GetAccessIntellisenseManager+0x5cdef000000be`472ffde0 00007ff7`0c333c72 : 00000000`0000000a 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!GetAccessIntellisenseManager+0x5df05000000be`472ffec0 00007ff8`72f7e8d7 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!Ordinal59+0x13c72000000be`472fff00 00007ff8`74f9fbcc : 00000000`00000000 00000000`00000000 000004f0`fffffb30 000004d0`fffffb30 : KERNEL32!BaseThreadInitThunk+0x17000000be`472fff30 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!RtlUserThreadStart+0x2c