Unpatched.ai can make mistakes. Public reports may be added, updated, or removed at any time.
Report ID: 2024-278
An improper input validation issue exists in Microsoft Access, specifically MSACCESS.EXE version 16.0.18227.20162 when opening a specially crafted file. By sending a target the file and convincing them to open it, an attacker could unlikely gain Remote Code Execution (RCE) on the target's computer due to the unpatched issue. However, even if RCE isn't achieved, the crash could result in Denial of Service (DoS) for the target application. In addition, likely due to how Microsoft Access handles recent files, file recovery, and file repair, it is possible the issue could result in a persistent DoS attack, where the application will continue to crash, even after reboot by the target.
ExceptionAddress: 00007fffb577fd6d (mso20win32client!CrashWithRecovery+0x000000000000004d) ExceptionCode: c0000005 (Access violation) ExceptionFlags: 00000000NumberParameters: 2 Parameter[0]: 0000000000000001 Parameter[1]: 0000000000000000Attempt to write to address 0000000000000000Child-SP RetAddr : Args to Child : Call Site00000026`556f10a0 00007fff`b59a1b66 : 000001f0`01483052 00000000`00000000 00000000`00000000 00000000`00000000 : mso20win32client!CrashWithRecovery+0x4d00000026`556f1100 00007ff8`726f1ee9 : 00000000`00000016 000001f0`93997888 00000000`00000000 00000000`00000016 : mso20win32client!EnableAbortRedirectLiblet::Uninit+0x9300000026`556f1170 00007ff8`726d5011 : 000001f0`93a27801 000001f0`00000000 00000000`00000000 00000026`556f1220 : ucrtbase!raise+0x1d900000026`556f11f0 00007ff7`0c56e0ba : 00007fff`00000003 00000000`00000003 ffffffff`fffffffe 000001f0`89848ff0 : ucrtbase!abort+0x3100000026`556f1220 00007ff8`726f1f37 : 000001f0`93a27888 000001f0`93997888 00000000`00000000 000001f0`f1a25f00 : msaccess!SetEnumIntlView+0x202a00000026`556f1250 00007ff7`0c5c7ed1 : 000001f0`93a27888 00007fff`b5d5c560 000001f0`93997888 00000000`00000084 : ucrtbase!terminate+0x1700000026`556f1280 00007ff7`0c5ca322 : 000001f0`93a27888 00000000`00000000 00000000`00000084 00007ff8`7507084c : msaccess!SizeCallback+0x513e100000026`556f12b0 00007ff7`0c89f79e : 00000026`556f1358 000001f0`f3752860 00000000`00000084 00000000`000003a2 : msaccess!SizeCallback+0x5383200000026`556f1310 00007ff7`0c89f846 : 000001f0`ec214fe0 00000026`556f2228 00000026`556f2228 00000000`000003ef : msaccess!AccessLoadString+0x25afe00000026`556f21e0 00007ff7`0c89f846 : 000001f0`93a21d38 00000026`556f30f8 00000026`556f30f8 00000000`00000002 : msaccess!AccessLoadString+0x25ba600000026`556f30b0 00007ff7`0c89f846 : 000001f0`e34f6fe0 00000026`556f3fc8 00000026`556f3fc8 00000000`00000004 : msaccess!AccessLoadString+0x25ba600000026`556f3f80 00007ff7`0c8a6d2a : 00000000`0000000c 000001f0`b4473f70 00000026`556f6fc0 00000000`00000001 : msaccess!AccessLoadString+0x25ba600000026`556f4e50 00007ff7`0c8a61a8 : 00000000`00000000 00000000`00000000 00000026`556f77d0 00000000`00000001 : msaccess!AccessLoadString+0x2d08a00000026`556f5610 00007ff7`0c89e772 : 00000000`00020102 000001f0`f3752860 00000000`00008004 00000000`00000000 : msaccess!AccessLoadString+0x2c50800000026`556f6f10 00007ff7`0c652af6 : 000001f0`ee270f40 00000026`556f7350 0000f4d8`f04affec 00000000`00000102 : msaccess!AccessLoadString+0x24ad200000026`556f7330 00007ff7`0c691e81 : 006f0073`006f0072 004a002e`00740066 004e002e`00740065 00760069`00740061 : msaccess!SizeCallback+0xdc00600000026`556f7520 00007ff7`0c41ced8 : 000001f0`f3752860 00007ff7`0cbc3b97 00000000`00000003 00000026`00000000 : msaccess!WizChooseColor+0x3d97100000026`556f7590 00007ff7`0cc0e369 : 00000000`00000000 00000000`00008004 00000026`556f7bf9 000001f0`f3752860 : msaccess!JETESLoadProjectTypeLib+0xa975800000026`556f75e0 00007ff7`0c7e5b76 : 00000026`556f7a98 00000000`00000000 00000026`556f7bf9 000001f0`f3752860 : msaccess!OpenHscrEmbedded+0x9e4b900000026`556f7a40 00007ff7`0c36ea60 : 000001f0`fe0e4ec0 00000026`556f7c00 00007ff8`727688c0 00000026`556f7c00 : msaccess!MSAU_GetSizeList+0x272600000026`556f7b90 00007ff7`0c36dea3 : 00000000`00000000 00000000`00000000 000001f0`fe0e4ec0 00000000`00000000 : msaccess!ReleaseAccessIconResource+0x32de000000026`556f7c60 00007ff7`0cbe95a5 : 000001f0`fe0e4f18 00000000`00000000 000001f0`fe0e4ec0 00000000`00000000 : msaccess!ReleaseAccessIconResource+0x3222300000026`556f7f60 00007ff7`0c3720f1 : 00000000`00000002 00000026`556f8490 00000000`00000002 00000000`00000000 : msaccess!OpenHscrEmbedded+0x796f500000026`556f8120 00007ff7`0c36348e : 00000026`556f82c0 00000026`556f83f8 000001f0`f4224f70 00000026`556f83f8 : msaccess!ReleaseAccessIconResource+0x3647100000026`556f8260 00007ff7`0c508775 : 00000026`556f8490 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!ReleaseAccessIconResource+0x2780e00000026`556f8380 00007ff7`0c504855 : 00000026`556fc060 00000000`00000000 00007ff8`74f9fbcc 00000026`556fd9a0 : msaccess!MSAU_ErrSortStringArray+0x3460500000026`556fc000 00007ff7`0c4fe5e7 : 00000000`00000105 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x306e500000026`556fd8b0 00007ff7`0c50512a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000001 : msaccess!MSAU_ErrSortStringArray+0x2a47700000026`556fef90 00007ff7`0c7c2e8f : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x30fba00000026`556ff4b0 00007ff7`0c7c3fa5 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!GetAccessIntellisenseManager+0x5cdef00000026`556ff650 00007ff7`0c333c72 : 00000000`0000000a 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!GetAccessIntellisenseManager+0x5df0500000026`556ff730 00007ff8`72f7e8d7 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!Ordinal59+0x13c7200000026`556ff770 00007ff8`74f9fbcc : 00000000`00000000 00000000`00000000 000004f0`fffffb30 000004d0`fffffb30 : KERNEL32!BaseThreadInitThunk+0x1700000026`556ff7a0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!RtlUserThreadStart+0x2c