Unpatched.ai can make mistakes. Public reports may be added, updated, or removed at any time.
Report ID: 2024-281
An improper input validation issue exists in Microsoft Access, specifically MSACCESS.EXE version 16.0.18227.20162 when opening a specially crafted file. By sending a target the file and convincing them to open it, an attacker could unlikely gain Remote Code Execution (RCE) on the target's computer due to the unpatched issue. However, even if RCE isn't achieved, the crash could result in Denial of Service (DoS) for the target application. In addition, likely due to how Microsoft Access handles recent files, file recovery, and file repair, it is possible the issue could result in a persistent DoS attack, where the application will continue to crash, even after reboot by the target.
ExceptionAddress: 00007fffb55efd6d (mso20win32client!CrashWithRecovery+0x000000000000004d) ExceptionCode: c0000005 (Access violation) ExceptionFlags: 00000000NumberParameters: 2 Parameter[0]: 0000000000000001 Parameter[1]: 0000000000000000Attempt to write to address 0000000000000000Child-SP RetAddr : Args to Child : Call Site00000001`000f3b70 00007fff`b5811b66 : 0000012a`01483052 00000000`00000000 00000000`00000000 00000000`00000000 : mso20win32client!CrashWithRecovery+0x4d00000001`000f3bd0 00007ff8`726f1ee9 : 00000000`00000016 00000000`00000000 00007fff`00000000 00000000`00000016 : mso20win32client!EnableAbortRedirectLiblet::Uninit+0x9300000001`000f3c40 00007ff8`726d5011 : 00000000`1a81a601 00000000`00000000 00000000`00000000 00000001`000f3cf0 : ucrtbase!raise+0x1d900000001`000f3cc0 00007ff7`0c56e0ba : 00007fff`00000003 00000000`00000003 ffffffff`fffffffe 0000012a`27442ff0 : ucrtbase!abort+0x3100000001`000f3cf0 00007ff8`726f1f37 : 00000000`1a81a642 00000000`00000000 00000000`00000001 00000000`1a81a642 : msaccess!SetEnumIntlView+0x202a00000001`000f3d20 00007ff7`0c3778a9 : 00000000`1a81a642 00007fff`b5bcc560 00000000`00000000 0000012a`397c6fc8 : ucrtbase!terminate+0x1700000001`000f3d50 00007ff7`0c378d5a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!JETESLoadProjectTypeLib+0x412900000001`000f3d90 00007ff7`0c377d34 : 0000012a`397c6f60 0000012a`50f68f90 0000a1ad`f2cdea78 0053002b`002b0033 : msaccess!JETESLoadProjectTypeLib+0x55da00000001`000f3df0 00007ff7`0c3772c1 : 0000012a`397c4fe0 0000012a`397c4fe0 00000001`000f3ec0 00000000`00000025 : msaccess!JETESLoadProjectTypeLib+0x45b400000001`000f3e20 00007ff7`0c3773fd : 00000000`00000000 00000000`00008000 00000000`00000090 0000012a`39347860 : msaccess!JETESLoadProjectTypeLib+0x3b4100000001`000f3e50 00007ff7`0c363183 : 0000012a`396c0fd0 0000012a`39347860 00000001`000f70e0 00007ff7`0c370ead : msaccess!JETESLoadProjectTypeLib+0x3c7d00000001`000f3e90 00007ff7`0c8a5f99 : 00000000`00000000 00000000`00000000 00007fff`b1320000 00007fff`b145095e : msaccess!ReleaseAccessIconResource+0x2750300000001`000f4000 00007ff7`0c89e772 : 00000000`00000102 0000012a`39347860 00000000`00008000 00000000`00000000 : msaccess!AccessLoadString+0x2c2f900000001`000f5900 00007ff7`0c652af6 : 00000000`00000000 00007ff7`0cbcbd57 00000000`00000000 00007ff8`74f3ee02 : msaccess!AccessLoadString+0x24ad200000001`000f5d20 00007ff7`0c652989 : 00000001`000f70e0 00007ff7`0c685d6e 00000000`00000080 00000000`00000001 : msaccess!SizeCallback+0xdc00600000001`000f5f10 00007ff7`0c64b6d8 : 00000000`00000080 0000012a`39347860 00000000`00000202 00000000`00000000 : msaccess!SizeCallback+0xdbe9900000001`000f5f70 00007ff7`0c64d0d9 : 00000000`00000004 00000000`00000080 00000001`000f7f10 00000000`00000202 : msaccess!SizeCallback+0xd4be800000001`000f7240 00007ff7`0c8227c2 : 00000000`00000000 00000001`000f8140 00000000`000007d1 00000000`00008000 : msaccess!SizeCallback+0xd65e900000001`000f72f0 00007ff7`0c4f1aa6 : 00000000`f229a6a0 00000001`000f8140 00000000`00000001 00000001`000f8140 : msaccess!MSAU_GetSizeList+0x3f37200000001`000f7ec0 00007ff7`0c4e936f : 00000000`00000001 00000000`00000016 00000000`00000001 00000001`000f8140 : msaccess!MSAU_ErrSortStringArray+0x1d93600000001`000f8040 00007ff7`0c5091d6 : 0000012a`1be8cfe0 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x151ff00000001`000f83e0 00007ff7`0c504855 : 00000001`000fc0c0 00000000`00000000 00007ff8`74f9fbcc 00000001`000fda00 : msaccess!MSAU_ErrSortStringArray+0x3506600000001`000fc060 00007ff7`0c4fe5e7 : 00000000`00000105 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x306e500000001`000fd910 00007ff7`0c50512a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000001 : msaccess!MSAU_ErrSortStringArray+0x2a47700000001`000feff0 00007ff7`0c7c2e8f : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x30fba00000001`000ff510 00007ff7`0c7c3fa5 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!GetAccessIntellisenseManager+0x5cdef00000001`000ff6b0 00007ff7`0c333c72 : 00000000`0000000a 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!GetAccessIntellisenseManager+0x5df0500000001`000ff790 00007ff8`72f7e8d7 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!Ordinal59+0x13c7200000001`000ff7d0 00007ff8`74f9fbcc : 00000000`00000000 00000000`00000000 000004f0`fffffb30 000004d0`fffffb30 : KERNEL32!BaseThreadInitThunk+0x1700000001`000ff800 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!RtlUserThreadStart+0x2c