Unpatched.ai can make mistakes. Public reports may be added, updated, or removed at any time.
Report ID: 2024-262
An improper input validation issue exists in Microsoft Access, specifically MSACCESS.EXE version 16.0.18227.20162 when opening a specially crafted file. By sending a target the file and convincing them to open it, an attacker could unlikely gain Remote Code Execution (RCE) on the target's computer due to the unpatched issue. However, even if RCE isn't achieved, the crash could result in Denial of Service (DoS) for the target application. In addition, likely due to how Microsoft Access handles recent files, file recovery, and file repair, it is possible the issue could result in a persistent DoS attack, where the application will continue to crash, even after reboot by the target.
ExceptionAddress: 00007fffbcc4fd6d (mso20win32client!CrashWithRecovery+0x000000000000004d) ExceptionCode: c0000005 (Access violation) ExceptionFlags: 00000000NumberParameters: 2 Parameter[0]: 0000000000000001 Parameter[1]: 0000000000000000Attempt to write to address 0000000000000000Child-SP RetAddr : Args to Child : Call Site00000008`61b820b0 00007fff`bce71b66 : 000001cc`01483052 00000000`00000000 00000000`00000000 00000000`00000000 : mso20win32client!CrashWithRecovery+0x4d00000008`61b82110 00007ff8`726f1ee9 : 00000000`00000016 000001cc`8054dff8 00000000`00000000 00000000`00000016 : mso20win32client!EnableAbortRedirectLiblet::Uninit+0x9300000008`61b82180 00007ff8`726d5011 : 00000000`ffffdb01 000001cc`00000000 00000000`00000000 00000008`61b82230 : ucrtbase!raise+0x1d900000008`61b82200 00007ff7`0c56e0ba : 00007fff`00000003 00000000`00000003 ffffffff`fffffffe 000001cc`80557ff0 : ucrtbase!abort+0x3100000008`61b82230 00007ff8`726f1f37 : 00000000`ffffdb02 000001cc`8054dff8 00000000`00000001 00000000`ffffdb02 : msaccess!SetEnumIntlView+0x202a00000008`61b82260 00007ff7`0c3778a9 : 00000000`ffffdb02 00007fff`bd22c560 000001cc`8054dff8 000001cc`d55b9f90 : ucrtbase!terminate+0x1700000008`61b82290 00007ff7`0c4102b4 : 00000008`61b82348 000001cc`8054dff8 000001cc`8054dff0 00000008`61b857e0 : msaccess!JETESLoadProjectTypeLib+0x412900000008`61b822d0 00007ff7`0c89f95c : 00000008`61b82348 000001cc`d55b9f90 00000008`61b82348 00000000`00000003 : msaccess!JETESLoadProjectTypeLib+0x9cb3400000008`61b82300 00007ff7`0c89f846 : 000001cc`d55bbfd0 00000008`61b83218 00000008`61b83218 00000000`000040fe : msaccess!AccessLoadString+0x25cbc00000008`61b831d0 00007ff7`0c89f846 : 000001cc`f6a01fe0 00000008`61b840e8 00000008`61b840e8 00000000`00000002 : msaccess!AccessLoadString+0x25ba600000008`61b840a0 00007ff7`0c8a6d2a : 00000000`0000000c 000001cc`9e413f70 00000008`61b870e0 00000000`00000001 : msaccess!AccessLoadString+0x25ba600000008`61b84f70 00007ff7`0c8a61a8 : 00000000`00000000 00000000`00000000 00000008`61b878f0 00000000`00000001 : msaccess!AccessLoadString+0x2d08a00000008`61b85730 00007ff7`0c89e772 : 00000000`00020102 000001cc`eff15860 00000000`00008004 00000000`00000000 : msaccess!AccessLoadString+0x2c50800000008`61b87030 00007ff7`0c652af6 : 00000000`00000000 01c10369`cf3f3500 01c10369`9c468040 00000000`00000000 : msaccess!AccessLoadString+0x24ad200000008`61b87450 00007ff7`0c691e81 : 006f0073`006f0072 004a002e`00740066 004e002e`00740065 00760069`00740061 : msaccess!SizeCallback+0xdc00600000008`61b87640 00007ff7`0c41ced8 : 000001cc`eff15860 00007ff7`0cbc3b97 00000000`00000003 00000008`00000000 : msaccess!WizChooseColor+0x3d97100000008`61b876b0 00007ff7`0cc0e369 : 00000000`00000000 00000000`00008004 00000008`61b87d19 000001cc`eff15860 : msaccess!JETESLoadProjectTypeLib+0xa975800000008`61b87700 00007ff7`0c7e5b76 : 00000008`61b87bb8 00000000`00000000 00000008`61b87d19 000001cc`eff15860 : msaccess!OpenHscrEmbedded+0x9e4b900000008`61b87b60 00007ff7`0c36ea60 : 000001cc`c8ee0ec0 00000008`61b87d20 00007ff8`727688c0 00000008`61b87d20 : msaccess!MSAU_GetSizeList+0x272600000008`61b87cb0 00007ff7`0c36dea3 : 00000000`00000000 00000000`00000000 000001cc`c8ee0ec0 00000000`00000000 : msaccess!ReleaseAccessIconResource+0x32de000000008`61b87d80 00007ff7`0cbe95a5 : 000001cc`c8ee0f18 00000000`00000000 000001cc`c8ee0ec0 00000000`00000000 : msaccess!ReleaseAccessIconResource+0x3222300000008`61b88080 00007ff7`0c3720f1 : 00000000`00000002 00000008`61b885b0 00000000`00000002 00000000`00000000 : msaccess!OpenHscrEmbedded+0x796f500000008`61b88240 00007ff7`0c36348e : 00000008`61b883e0 00000008`61b88518 000001cc`a79c8f70 00000008`61b88518 : msaccess!ReleaseAccessIconResource+0x3647100000008`61b88380 00007ff7`0c508775 : 00000008`61b885b0 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!ReleaseAccessIconResource+0x2780e00000008`61b884a0 00007ff7`0c504855 : 00000008`61b8c180 00000000`00000000 00007ff8`74f9fbcc 00000008`61b8dac0 : msaccess!MSAU_ErrSortStringArray+0x3460500000008`61b8c120 00007ff7`0c4fe5e7 : 00000000`00000105 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x306e500000008`61b8d9d0 00007ff7`0c50512a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000001 : msaccess!MSAU_ErrSortStringArray+0x2a47700000008`61b8f0b0 00007ff7`0c7c2e8f : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x30fba00000008`61b8f5d0 00007ff7`0c7c3fa5 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!GetAccessIntellisenseManager+0x5cdef00000008`61b8f770 00007ff7`0c333c72 : 00000000`0000000a 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!GetAccessIntellisenseManager+0x5df0500000008`61b8f850 00007ff8`72f7e8d7 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!Ordinal59+0x13c7200000008`61b8f890 00007ff8`74f9fbcc : 00000000`00000000 00000000`00000000 000004f0`fffffb30 000004d0`fffffb30 : KERNEL32!BaseThreadInitThunk+0x1700000008`61b8f8c0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!RtlUserThreadStart+0x2c