Unpatched.ai can make mistakes. Public reports may be added, updated, or removed at any time.
Report ID: 2024-277
An improper input validation issue exists in Microsoft Access, specifically MSACCESS.EXE version 16.0.18227.20162 when opening a specially crafted file. By sending a target the file and convincing them to open it, an attacker could unlikely gain Remote Code Execution (RCE) on the target's computer due to the unpatched issue. However, even if RCE isn't achieved, the crash could result in Denial of Service (DoS) for the target application. In addition, likely due to how Microsoft Access handles recent files, file recovery, and file repair, it is possible the issue could result in a persistent DoS attack, where the application will continue to crash, even after reboot by the target.
ExceptionAddress: 00007fffb577fd6d (mso20win32client!CrashWithRecovery+0x000000000000004d) ExceptionCode: c0000005 (Access violation) ExceptionFlags: 00000000NumberParameters: 2 Parameter[0]: 0000000000000001 Parameter[1]: 0000000000000000Attempt to write to address 0000000000000000Child-SP RetAddr : Args to Child : Call Site000000c1`348f2070 00007fff`b59a1b66 : 0000028b`01483052 00000000`00000000 00000000`00000000 00000000`00000000 : mso20win32client!CrashWithRecovery+0x4d000000c1`348f20d0 00007ff8`726f1ee9 : 00000000`00000016 0000028b`2d6abb78 00000000`00000000 00000000`00000016 : mso20win32client!EnableAbortRedirectLiblet::Uninit+0x93000000c1`348f2140 00007ff8`726d5011 : 0000028b`2d6f1b01 0000028b`00000000 00000000`00000000 000000c1`348f21f0 : ucrtbase!raise+0x1d9000000c1`348f21c0 00007ff7`0c56e0ba : 00007fff`00000003 00000000`00000003 ffffffff`fffffffe 0000028b`179ddff0 : ucrtbase!abort+0x31000000c1`348f21f0 00007ff8`726f1f37 : 0000028b`2d6f1b78 0000028b`2d6abb78 00000000`00000000 0000028b`2d6ebd38 : msaccess!SetEnumIntlView+0x202a000000c1`348f2220 00007ff7`0c5c7ed1 : 0000028b`2d6f1b78 00007fff`b5d5c560 0000028b`2d6abb78 00000000`00000083 : ucrtbase!terminate+0x17000000c1`348f2250 00007ff7`0c5ca322 : 0000028b`2d6f1b78 00000000`00000000 00000000`00000083 0000028b`00000000 : msaccess!SizeCallback+0x513e1000000c1`348f2280 00007ff7`0c89f79e : 000000c1`348f2328 0000028b`0daf6860 00000000`00000083 00000000`00000364 : msaccess!SizeCallback+0x53832000000c1`348f22e0 00007ff7`0c89f846 : 0000028b`2d6ebd38 000000c1`348f31f8 000000c1`348f31f8 00000000`00000004 : msaccess!AccessLoadString+0x25afe000000c1`348f31b0 00007ff7`0c89f846 : 0000028b`7b6f6ff0 000000c1`348f40c8 000000c1`348f40c8 00000000`00000003 : msaccess!AccessLoadString+0x25ba6000000c1`348f4080 00007ff7`0c8a6d2a : 00000000`0000000c 0000028b`45ed3f70 000000c1`348f70c0 00000000`00000001 : msaccess!AccessLoadString+0x25ba6000000c1`348f4f50 00007ff7`0c8a61a8 : 00000000`00000000 00000000`00000000 000000c1`348f78d0 00000000`00000001 : msaccess!AccessLoadString+0x2d08a000000c1`348f5710 00007ff7`0c89e772 : 00000000`00020102 0000028b`0daf6860 00000000`00008004 00000000`00000000 : msaccess!AccessLoadString+0x2c508000000c1`348f7010 00007ff7`0c652af6 : 00000000`00000000 01c10369`cf3f3500 01c10369`9c468040 00000000`00000000 : msaccess!AccessLoadString+0x24ad2000000c1`348f7430 00007ff7`0c691e81 : 006f0073`006f0072 004a002e`00740066 004e002e`00740065 00760069`00740061 : msaccess!SizeCallback+0xdc006000000c1`348f7620 00007ff7`0c41ced8 : 0000028b`0daf6860 00007ff7`0cbc3b97 00000000`00000003 000000c1`00000000 : msaccess!WizChooseColor+0x3d971000000c1`348f7690 00007ff7`0cc0e369 : 00000000`00000000 00000000`00008004 000000c1`348f7cf9 0000028b`0daf6860 : msaccess!JETESLoadProjectTypeLib+0xa9758000000c1`348f76e0 00007ff7`0c7e5b76 : 000000c1`348f7b98 00000000`00000000 000000c1`348f7cf9 0000028b`0daf6860 : msaccess!OpenHscrEmbedded+0x9e4b9000000c1`348f7b40 00007ff7`0c36ea60 : 0000028b`705e6ec0 000000c1`348f7d00 00007ff8`727688c0 000000c1`348f7d00 : msaccess!MSAU_GetSizeList+0x2726000000c1`348f7c90 00007ff7`0c36dea3 : 00000000`00000000 00000000`00000000 0000028b`705e6ec0 00000000`00000000 : msaccess!ReleaseAccessIconResource+0x32de0000000c1`348f7d60 00007ff7`0cbe95a5 : 0000028b`705e6f18 00000000`00000000 0000028b`705e6ec0 00000000`00000000 : msaccess!ReleaseAccessIconResource+0x32223000000c1`348f8060 00007ff7`0c3720f1 : 00000000`00000002 000000c1`348f8590 00000000`00000002 00000000`00000000 : msaccess!OpenHscrEmbedded+0x796f5000000c1`348f8220 00007ff7`0c36348e : 000000c1`348f83c0 000000c1`348f84f8 0000028b`70decf70 000000c1`348f84f8 : msaccess!ReleaseAccessIconResource+0x36471000000c1`348f8360 00007ff7`0c508775 : 000000c1`348f8590 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!ReleaseAccessIconResource+0x2780e000000c1`348f8480 00007ff7`0c504855 : 000000c1`348fc160 00000000`00000000 00007ff8`74f9fbcc 000000c1`348fdaa0 : msaccess!MSAU_ErrSortStringArray+0x34605000000c1`348fc100 00007ff7`0c4fe5e7 : 00000000`00000105 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x306e5000000c1`348fd9b0 00007ff7`0c50512a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000001 : msaccess!MSAU_ErrSortStringArray+0x2a477000000c1`348ff090 00007ff7`0c7c2e8f : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x30fba000000c1`348ff5b0 00007ff7`0c7c3fa5 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!GetAccessIntellisenseManager+0x5cdef000000c1`348ff750 00007ff7`0c333c72 : 00000000`0000000a 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!GetAccessIntellisenseManager+0x5df05000000c1`348ff830 00007ff8`72f7e8d7 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!Ordinal59+0x13c72000000c1`348ff870 00007ff8`74f9fbcc : 00000000`00000000 00000000`00000000 000004f0`fffffb30 000004d0`fffffb30 : KERNEL32!BaseThreadInitThunk+0x17000000c1`348ff8a0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!RtlUserThreadStart+0x2c