Unpatched.ai can make mistakes. Public reports may be added, updated, or removed at any time.
Report ID: 2024-280
An improper input validation issue exists in Microsoft Access, specifically MSACCESS.EXE version 16.0.18227.20162 when opening a specially crafted file. By sending a target the file and convincing them to open it, an attacker could unlikely gain Remote Code Execution (RCE) on the target's computer due to the unpatched issue. However, even if RCE isn't achieved, the crash could result in Denial of Service (DoS) for the target application. In addition, likely due to how Microsoft Access handles recent files, file recovery, and file repair, it is possible the issue could result in a persistent DoS attack, where the application will continue to crash, even after reboot by the target.
ExceptionAddress: 00007fffb55efd6d (mso20win32client!CrashWithRecovery+0x000000000000004d) ExceptionCode: c0000005 (Access violation) ExceptionFlags: 00000000NumberParameters: 2 Parameter[0]: 0000000000000001 Parameter[1]: 0000000000000000Attempt to write to address 0000000000000000Child-SP RetAddr : Args to Child : Call Site00000078`d58f3d90 00007fff`b5811b66 : 000001b8`01483052 00000000`00000000 00000000`00000000 00000000`00000000 : mso20win32client!CrashWithRecovery+0x4d00000078`d58f3df0 00007ff8`726f1ee9 : 00000000`00000016 00000000`00000000 00000000`00000000 00000000`00000016 : mso20win32client!EnableAbortRedirectLiblet::Uninit+0x9300000078`d58f3e60 00007ff8`726d5011 : 00000000`3d34dd01 00000000`00000000 00000000`00000000 00000078`d58f3f10 : ucrtbase!raise+0x1d900000078`d58f3ee0 00007ff7`0c56e0ba : 00007fff`00000003 00000000`00000003 ffffffff`fffffffe 000001b8`a6086ff0 : ucrtbase!abort+0x3100000078`d58f3f10 00007ff8`726f1f37 : 00000000`3d34dd00 00000000`00000000 00000000`00000003 00000000`3d34dd00 : msaccess!SetEnumIntlView+0x202a00000078`d58f3f40 00007ff7`0c3778a9 : 00000000`3d34dd00 00007fff`b5bcc560 00000000`00000000 000001b8`edaa0fc8 : ucrtbase!terminate+0x1700000078`d58f3f70 00007ff7`0c378d5a : 00000000`00000000 00000000`00000000 00000000`00000000 00007ff7`0cbf748a : msaccess!JETESLoadProjectTypeLib+0x412900000078`d58f3fb0 00007ff7`0c377d34 : 000001b8`edaa0f60 000001b8`f23c0f90 0000f51f`de5320e9 00007ff7`0cdd4f92 : msaccess!JETESLoadProjectTypeLib+0x55da00000078`d58f4010 00007ff7`0c3772c1 : 000001b8`f0f4efe0 000001b8`f0f4efe0 00000078`d58f40e0 00007ff7`0cdd3558 : msaccess!JETESLoadProjectTypeLib+0x45b400000078`d58f4040 00007ff7`0c3773fd : 00000000`00000000 00000000`00008004 00000000`00000090 000001b8`ec73b860 : msaccess!JETESLoadProjectTypeLib+0x3b4100000078`d58f4070 00007ff7`0c363183 : 000001b8`d6354fd0 000001b8`ec73b860 000001b8`e5ceffc6 00000000`00000020 : msaccess!JETESLoadProjectTypeLib+0x3c7d00000078`d58f40b0 00007ff7`0c8a5f99 : 000001b8`ef115f40 00000000`00000000 00000078`d58f4d68 00000078`d58f4d60 : msaccess!ReleaseAccessIconResource+0x2750300000078`d58f4220 00007ff7`0c89e772 : 00000000`10000102 000001b8`ec73b860 00000000`00008004 00000000`00000000 : msaccess!AccessLoadString+0x2c2f900000078`d58f5b20 00007ff7`0c652af6 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!AccessLoadString+0x24ad200000078`d58f5f40 00007ff7`0c652989 : 00007fff`ac5e423c 00007ff8`74ec5f8b 00007ff7`0cb17b46 00007ff7`0c8f8d91 : msaccess!SizeCallback+0xdc00600000078`d58f6130 00007ff7`0cb1ebc3 : 00000000`00000000 000001b8`e5ceffc6 00000078`d58f66e8 00000000`0000002f : msaccess!SizeCallback+0xdbe9900000078`d58f6190 00007ff7`0cb1f70c : 000001b8`ec73b860 00000000`00000000 000001b8`fce27fd0 000001b8`ec73b860 : msaccess!FUniqueIndexTableFieldEx+0xfcb6300000078`d58f6620 00007ff7`0cae155c : 000001b8`ec73b860 00000078`d58f6700 00000000`00000000 000001b8`ce020f00 : msaccess!FUniqueIndexTableFieldEx+0xfd6ac00000078`d58f66b0 00007ff7`0cb147a6 : 000001b8`fce27fd0 00000000`00008004 000001b8`ef115f40 00000000`00000000 : msaccess!FUniqueIndexTableFieldEx+0xbf4fc00000078`d58f6730 00007ff7`0c8f847d : 000001b8`e5ceffb8 00000000`00000000 000001b8`f7d6bf90 00000000`ffffffef : msaccess!FUniqueIndexTableFieldEx+0xf274600000078`d58f6790 00007fff`ac617504 : 00000000`00000000 000001b8`f7d6bf90 00000078`d58f67e0 000001b8`e5339f90 : msaccess!AccessLoadString+0x7e7dd00000078`d58f67c0 00007fff`ac5ce8b5 : 00000000`00000000 00000000`00000000 000001b8`f7d6be78 00000000`00000000 : VBE7!CProjitemDocument::LoadDocItem+0x5800000078`d58f6800 00007fff`ac77f624 : 00000000`00000000 00000000`00000000 000001b8`f7ba4498 00000000`00000001 : VBE7!HostGetBaseClassTypeInfo3+0xf500000078`d58f6860 00007fff`ac77b071 : 000001b8`ef3619d0 00000078`d58f6ae8 00000078`d58f6de0 000001b8`9adb0000 : VBE7!IMPMGR::HookUpBaseTypeInfo+0xb800000078`d58f68d0 00007fff`ac77ad91 : 000001b8`ef3619d0 00007ff8`00000010 000001b8`9adb0000 00000000`00000000 : VBE7!IMPMGR::LoadTypeInfo+0xe500000078`d58f6910 00007fff`ac77bbc4 : 000001b8`ef3619d0 00000000`00000010 000001b8`00000000 00000078`d58f69e8 : VBE7!IMPMGR::GetTypeInfo+0xcd00000078`d58f6980 00007fff`ac77c1e1 : 000001b8`ef3619d0 00007ff8`00000000 00000078`d58f69e8 00000078`d58f6ae8 : VBE7!IMPMGR::GetCoClassTypeInfoOfBase+0x7800000078`d58f69c0 00007fff`ac77f3ed : 000001b8`ef3619d0 00000078`d58f6b38 00000078`d58f6b50 00000001`00000001 : VBE7!IMPMGR::GetBaseTypeInfoAttribute+0x6500000078`d58f6b10 00007fff`ac71b8a3 : 000001b8`ef3619d0 000001b8`a3805be0 00000078`d58f6c10 000001b8`eb0adfd0 : VBE7!IMPMGR::Write+0x1f500000078`d58f6b60 00007fff`ac7238a5 : 000001b8`ea33ac40 000001b8`a3805be0 000001b8`00000000 000001b8`d45a8f60 : VBE7!BASIC_TYPEROOT::WriteParts+0x58300000078`d58f6c20 00007fff`ac723430 : 000001b8`ea33ac40 000001b8`a3805be0 000001b8`00000000 00000078`d58f6c88 : VBE7!BASIC_TYPEROOT::WriteToStream+0xe500000078`d58f6c60 00007fff`ac6f5292 : 000001b8`ea33ac40 000001b8`d986bf00 00000078`d58f6fc0 00000078`d58f7318 : VBE7!BASIC_TYPEROOT::Write+0x1b000000078`d58f6da0 00007fff`ac6f4c3a : 000001b8`edc20f80 000001b8`d986bf00 00000078`d58f000a 000001b8`00000001 : VBE7!ExecProj::SaveModule+0x32a00000078`d58f73f0 00007fff`ac5e423c : 000001b8`edc20f80 00000000`00000000 00000078`00000001 000001b8`ec73b860 : VBE7!ExecProj::Save+0x1da00000078`d58f7a20 00007ff7`0c8fa8b8 : 000001b8`f7b9ef38 00007fff`ac60e621 000001b8`fd2b38b0 000001b8`f7b9ef38 : VBE7!Project::StgSave+0x13400000078`d58f7b00 00007ff7`0cb17b46 : 00000000`00000000 00000000`00000000 000001b8`f7b9ef38 000001b8`f7b9ef38 : msaccess!AccessLoadString+0x80c1800000078`d58f7b70 00007ff7`0c8f8d91 : 000001b8`ef115f40 00000000`00000000 00000000`00000000 00000000`00000001 : msaccess!FUniqueIndexTableFieldEx+0xf5ae600000078`d58f7c40 00007ff7`0cb15658 : 000001b8`ef115f70 00000000`80004005 000001b8`ef115f40 00000000`00000000 : msaccess!AccessLoadString+0x7f0f100000078`d58f8030 00007ff7`0cb15fac : 000001b8`ef115f40 00000078`d58f8180 00000000`00000000 000001b8`00000000 : msaccess!FUniqueIndexTableFieldEx+0xf35f800000078`d58f80e0 00007ff7`0cadb86c : 00000000`00000000 00000000`00000001 000001b8`d41faec0 00000000`00000001 : msaccess!FUniqueIndexTableFieldEx+0xf3f4c00000078`d58f8180 00007ff7`0c36edd0 : 000001b8`d41faec0 000001b8`d41faec0 000001b8`d41faec0 00000000`00000000 : msaccess!FUniqueIndexTableFieldEx+0xb980c00000078`d58f82b0 00007ff7`0cbe95da : 00000000`00000000 000001b8`d41faec0 00000000`00000000 00000000`00000000 : msaccess!ReleaseAccessIconResource+0x3315000000078`d58f82f0 00007ff7`0c3720f1 : 00000000`00000002 00000078`d58f8820 00000000`00000002 00000000`00000000 : msaccess!OpenHscrEmbedded+0x7972a00000078`d58f84b0 00007ff7`0c36348e : 00000078`d58f8650 00000078`d58f8788 000001b8`d406ef70 00000078`d58f8788 : msaccess!ReleaseAccessIconResource+0x3647100000078`d58f85f0 00007ff7`0c508775 : 00000078`d58f8820 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!ReleaseAccessIconResource+0x2780e00000078`d58f8710 00007ff7`0c504855 : 00000078`d58fc3f0 00000000`00000000 00007ff8`74f9fbcc 00000078`d58fdd30 : msaccess!MSAU_ErrSortStringArray+0x3460500000078`d58fc390 00007ff7`0c4fe5e7 : 00000000`00000105 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x306e500000078`d58fdc40 00007ff7`0c50512a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000001 : msaccess!MSAU_ErrSortStringArray+0x2a47700000078`d58ff320 00007ff7`0c7c2e8f : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x30fba00000078`d58ff840 00007ff7`0c7c3fa5 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!GetAccessIntellisenseManager+0x5cdef00000078`d58ff9e0 00007ff7`0c333c72 : 00000000`0000000a 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!GetAccessIntellisenseManager+0x5df0500000078`d58ffac0 00007ff8`72f7e8d7 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!Ordinal59+0x13c7200000078`d58ffb00 00007ff8`74f9fbcc : 00000000`00000000 00000000`00000000 000004f0`fffffb30 000004d0`fffffb30 : KERNEL32!BaseThreadInitThunk+0x1700000078`d58ffb30 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!RtlUserThreadStart+0x2c