Unpatched.ai can make mistakes. Public reports may be added, updated, or removed at any time.
Report ID: 2024-239
An improper input validation issue exists in Microsoft Access, specifically MSACCESS.EXE version 16.0.18025.20214 when opening a specially crafted file. By sending a target the file and convincing them to open it, an attacker could unlikely gain Remote Code Execution (RCE) on the target's computer due to the unpatched issue. However, even if RCE isn't achieved, the crash could result in Denial of Service (DoS) for the target application. In addition, likely due to how Microsoft Access handles recent files, file recovery, and file repair, it is possible the issue could result in a persistent DoS attack, where the application will continue to crash, even after reboot by the target.
ExceptionAddress: 00007ff74c3adfe6 (msaccess!WizChooseColor+0x000000000001b8f6) ExceptionCode: c0000005 (Access violation) ExceptionFlags: 00000000NumberParameters: 2 Parameter[0]: 0000000000000000 Parameter[1]: 0000000000000050Attempt to read from address 0000000000000050Child-SP RetAddr : Args to Child : Call Site00000044`bbb4ecb0 00007ff7`4c3af158 : 00000044`00000000 00000000`00000000 00000000`00000000 00000228`00000000 : msaccess!WizChooseColor+0x1b8f600000044`bbb4eea0 00007ff7`4c3a7c45 : 00000000`0000005a 00000044`bbb4f480 00000000`00000018 00000228`0049414e : msaccess!WizChooseColor+0x1ca6800000044`bbb4efd0 00007ff7`4c1253fe : 00000000`0054057c 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!WizChooseColor+0x1555500000044`bbb4f380 00007ffb`d2875801 : 00000000`00d7051e 00000000`00000000 00000000`80007811 00000000`00000000 : msaccess!JETESLoadProjectTypeLib+0x732fe00000044`bbb4f6d0 00007ffb`d287509c : 00000000`00000388 00007ff7`4c125160 00000000`00d7051e 00000000`80000000 : USER32!UserCallWinProcCheckWow+0x34100000044`bbb4f830 00007ffb`d28a61e3 : 00000000`00000000 00000000`00000000 00000000`00000000 00007ffb`d2868f75 : USER32!DispatchClientMessage+0x9c00000044`bbb4f890 00007ffb`d3ca3684 : 00000000`00000001 00000000`00000000 00000228`09336210 00007ffb`d2868e78 : USER32!_fnDWORD+0x3300000044`bbb4f8f0 00007ffb`d0f318b4 : 00007ffb`d28734b8 00000044`bbb4fc50 00000000`00000001 00000000`00000000 : ntdll!KiUserCallbackDispatcherContinue00000044`bbb4f978 00007ffb`d28734b8 : 00000044`bbb4fc50 00000000`00000001 00000000`00000000 00007ffb`d2872f89 : win32u!NtUserDispatchMessage+0x1400000044`bbb4f980 00007ff7`4c500c15 : 00000044`bbb4fa38 00000000`00000000 00000000`00000001 00000000`00000000 : USER32!DispatchMessageWorker+0x34800000044`bbb4fa00 00007ff7`4c50140e : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!GetAccessIntellisenseManager+0x5d1d500000044`bbb4fba0 00007ff7`4c072612 : 00000000`0000000a 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!GetAccessIntellisenseManager+0x5d9ce00000044`bbb4fc80 00007ffb`d27bdbe7 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!Ordinal59+0x1261200000044`bbb4fcc0 00007ffb`d3c1fbec : 00000000`00000000 00000000`00000000 000004f0`fffffb30 000004d0`fffffb30 : KERNEL32!BaseThreadInitThunk+0x1700000044`bbb4fcf0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!RtlUserThreadStart+0x2c