Unpatched.ai can make mistakes. Public reports may be added, updated, or removed at any time.
Report ID: 2024-245
An improper input validation issue exists in Microsoft Access, specifically MSACCESS.EXE version 16.0.18227.20162 when opening a specially crafted file. By sending a target the file and convincing them to open it, an attacker could unlikely gain Remote Code Execution (RCE) on the target's computer due to the unpatched issue. However, even if RCE isn't achieved, the crash could result in Denial of Service (DoS) for the target application. In addition, likely due to how Microsoft Access handles recent files, file recovery, and file repair, it is possible the issue could result in a persistent DoS attack, where the application will continue to crash, even after reboot by the target.
ExceptionAddress: 00007fffbcc4fd6d (mso20win32client!CrashWithRecovery+0x000000000000004d) ExceptionCode: c0000005 (Access violation) ExceptionFlags: 00000000NumberParameters: 2 Parameter[0]: 0000000000000001 Parameter[1]: 0000000000000000Attempt to write to address 0000000000000000Child-SP RetAddr : Args to Child : Call Site000000d5`de930a40 00007fff`bce71b66 : 00000259`01483052 00000000`00000000 00000000`00000000 00000000`00000000 : mso20win32client!CrashWithRecovery+0x4d000000d5`de930aa0 00007ff8`726f1ee9 : 00000000`00000016 00000259`445f3b78 00000000`00000000 00000000`00000016 : mso20win32client!EnableAbortRedirectLiblet::Uninit+0x93000000d5`de930b10 00007ff8`726d5011 : 00000259`445f5b01 00000259`00000000 00000000`00000000 000000d5`de930bc0 : ucrtbase!raise+0x1d9000000d5`de930b90 00007ff7`0c56e0ba : 00007fff`00000003 00000000`00000003 ffffffff`fffffffe 00000259`116aaff0 : ucrtbase!abort+0x31000000d5`de930bc0 00007ff8`726f1f37 : 00000259`445f5b78 00000259`445f3b78 00000000`00000000 00000259`445e9778 : msaccess!SetEnumIntlView+0x202a000000d5`de930bf0 00007ff7`0c5c7ed1 : 00000259`445f5b78 00007fff`bd22c560 00000259`445f3b78 00000000`00000083 : ucrtbase!terminate+0x17000000d5`de930c20 00007ff7`0c5ca322 : 00000259`445f5b78 00000000`00000000 00000000`00000083 00000259`445f3b78 : msaccess!SizeCallback+0x513e1000000d5`de930c50 00007ff7`0c89f79e : 000000d5`de930cf8 00000259`1a11a860 00000000`00000083 00000000`0000fa4a : msaccess!SizeCallback+0x53832000000d5`de930cb0 00007ff7`0c89f846 : 00000259`445e9778 000000d5`de931bc8 000000d5`de931bc8 00000000`0000fea1 : msaccess!AccessLoadString+0x25afe000000d5`de931b80 00007ff7`0c89f846 : 00000259`34e4eff0 000000d5`de932a98 000000d5`de932a98 00000000`0000cbb4 : msaccess!AccessLoadString+0x25ba6000000d5`de932a50 00007ff7`0c8a6d2a : 00000000`0000000c 00000259`5c333f70 000000d5`de935a90 00000000`00000001 : msaccess!AccessLoadString+0x25ba6000000d5`de933920 00007ff7`0c8a61a8 : 00000000`00000000 00000000`00000000 00000259`65416fd2 00000000`00000001 : msaccess!AccessLoadString+0x2d08a000000d5`de9340e0 00007ff7`0c89e772 : 00000000`10000102 00000259`1a11a860 00000000`00008000 00000000`00000000 : msaccess!AccessLoadString+0x2c508000000d5`de9359e0 00007ff7`0c652af6 : 00000259`1a11a860 00000259`411d4fa8 00000259`26922ec0 00000259`1a11a860 : msaccess!AccessLoadString+0x24ad2000000d5`de935e00 00007ff7`0c652989 : 00007fff`b56e423c 00007ff8`74ec5f8b 00007ff7`0cb17b46 00007ff7`0c8f8d91 : msaccess!SizeCallback+0xdc006000000d5`de935ff0 00007ff7`0cb1ebc3 : 00000000`00000000 00000259`65416fd2 000000d5`de9365a8 00000000`0000000f : msaccess!SizeCallback+0xdbe99000000d5`de936050 00007ff7`0cb1f70c : 00000259`1a11a860 00000000`00000000 00000259`167b0fd0 00000259`1a11a860 : msaccess!FUniqueIndexTableFieldEx+0xfcb63000000d5`de9364e0 00007ff7`0cae155c : 00000259`1a11a860 000000d5`de9365c0 00000000`00000000 00000259`1963ef00 : msaccess!FUniqueIndexTableFieldEx+0xfd6ac000000d5`de936570 00007ff7`0cb147a6 : 00000259`167b0fd0 00000000`00008000 00000259`3279af40 00000000`00000000 : msaccess!FUniqueIndexTableFieldEx+0xbf4fc000000d5`de9365f0 00007ff7`0c8f847d : 00000259`65416fc8 00000000`00000000 00000259`395fdf90 00000000`ffffffef : msaccess!FUniqueIndexTableFieldEx+0xf2746000000d5`de936650 00007fff`b5717504 : 00000000`00000000 00000259`395fdf90 000000d5`de9366a0 00000259`2f645f90 : msaccess!AccessLoadString+0x7e7dd000000d5`de936680 00007fff`b56ce8b5 : 00000000`00000000 00000000`00000000 00000259`395fde78 00000000`00000000 : VBE7!CProjitemDocument::LoadDocItem+0x58000000d5`de9366c0 00007fff`b587f624 : 00000000`00000000 00000000`00000000 00000259`3950a498 00000000`00000001 : VBE7!HostGetBaseClassTypeInfo3+0xf5000000d5`de936720 00007fff`b587b071 : 00000259`3d12c9d0 000000d5`de9369a8 000000d5`de936ca0 00000259`5c1b0000 : VBE7!IMPMGR::HookUpBaseTypeInfo+0xb8000000d5`de936790 00007fff`b587ad91 : 00000259`3d12c9d0 00007ff8`00000010 00000259`5c1b0000 00000000`00000000 : VBE7!IMPMGR::LoadTypeInfo+0xe5000000d5`de9367d0 00007fff`b587bbc4 : 00000259`3d12c9d0 00000000`00000010 00000259`00000000 000000d5`de9368a8 : VBE7!IMPMGR::GetTypeInfo+0xcd000000d5`de936840 00007fff`b587c1e1 : 00000259`3d12c9d0 00007ff8`00000000 000000d5`de9368a8 000000d5`de9369a8 : VBE7!IMPMGR::GetCoClassTypeInfoOfBase+0x78000000d5`de936880 00007fff`b587f3ed : 00000259`3d12c9d0 000000d5`de9369f8 000000d5`de936a10 00000001`00000001 : VBE7!IMPMGR::GetBaseTypeInfoAttribute+0x65000000d5`de9369d0 00007fff`b581b8a3 : 00000259`3d12c9d0 00000259`1720bbe0 000000d5`de936ad0 00000259`12a4cfd0 : VBE7!IMPMGR::Write+0x1f5000000d5`de936a20 00007fff`b58238a5 : 00000259`25556c40 00000259`1720bbe0 00000259`00000000 00000259`2ea31f60 : VBE7!BASIC_TYPEROOT::WriteParts+0x583000000d5`de936ae0 00007fff`b5823430 : 00000259`25556c40 00000259`1720bbe0 00000259`00000000 000000d5`de936b48 : VBE7!BASIC_TYPEROOT::WriteToStream+0xe5000000d5`de936b20 00007fff`b57f5292 : 00000259`25556c40 00000259`2d30af00 000000d5`de936e80 000000d5`de9371d8 : VBE7!BASIC_TYPEROOT::Write+0x1b0000000d5`de936c60 00007fff`b57f4c3a : 00000259`3cc89f80 00000259`2d30af00 000000d5`de930004 00000259`00000001 : VBE7!ExecProj::SaveModule+0x32a000000d5`de9372b0 00007fff`b56e423c : 00000259`3cc89f80 00000000`00000000 000000d5`00000001 00000259`1a11a860 : VBE7!ExecProj::Save+0x1da000000d5`de9378e0 00007ff7`0c8fa8b8 : 00000259`39504f38 00007fff`b570e621 00000259`3ce058b0 00000259`39504f38 : VBE7!Project::StgSave+0x134000000d5`de9379c0 00007ff7`0cb17b46 : 00000000`00000000 00000000`00000000 00000259`39504f38 00000259`39504f38 : msaccess!AccessLoadString+0x80c18000000d5`de937a30 00007ff7`0c8f8d91 : 00000259`3279af40 00000000`00000000 00000000`00000000 00000000`00000001 : msaccess!FUniqueIndexTableFieldEx+0xf5ae6000000d5`de937b00 00007ff7`0cb15658 : 00000259`3279af70 00000000`80004005 00000259`3279af40 00000000`00000000 : msaccess!AccessLoadString+0x7f0f1000000d5`de937ef0 00007ff7`0cb15fac : 00000259`3279af40 000000d5`de938040 00000000`00000000 00000259`00000000 : msaccess!FUniqueIndexTableFieldEx+0xf35f8000000d5`de937fa0 00007ff7`0cadb86c : 00000000`00000000 00000000`00000001 00000259`26922ec0 00000000`00000001 : msaccess!FUniqueIndexTableFieldEx+0xf3f4c000000d5`de938040 00007ff7`0c36edd0 : 00000259`26922ec0 00000259`26922ec0 00000259`26922ec0 00000000`00000000 : msaccess!FUniqueIndexTableFieldEx+0xb980c000000d5`de938170 00007ff7`0cbe95da : 00000000`00000000 00000259`26922ec0 00000000`00000000 00000000`00000000 : msaccess!ReleaseAccessIconResource+0x33150000000d5`de9381b0 00007ff7`0c3720f1 : 00000000`00000002 000000d5`de9386e0 00000000`00000002 00000000`00000000 : msaccess!OpenHscrEmbedded+0x7972a000000d5`de938370 00007ff7`0c36348e : 000000d5`de938510 000000d5`de938648 00000259`16044f70 000000d5`de938648 : msaccess!ReleaseAccessIconResource+0x36471000000d5`de9384b0 00007ff7`0c508775 : 000000d5`de9386e0 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!ReleaseAccessIconResource+0x2780e000000d5`de9385d0 00007ff7`0c504855 : 000000d5`de93c2b0 00000000`00000000 00007ff8`74f9fbcc 000000d5`de93dbf0 : msaccess!MSAU_ErrSortStringArray+0x34605000000d5`de93c250 00007ff7`0c4fe5e7 : 00000000`00000105 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x306e5000000d5`de93db00 00007ff7`0c50512a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000001 : msaccess!MSAU_ErrSortStringArray+0x2a477000000d5`de93f1e0 00007ff7`0c7c2e8f : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x30fba000000d5`de93f700 00007ff7`0c7c3fa5 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!GetAccessIntellisenseManager+0x5cdef000000d5`de93f8a0 00007ff7`0c333c72 : 00000000`0000000a 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!GetAccessIntellisenseManager+0x5df05000000d5`de93f980 00007ff8`72f7e8d7 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!Ordinal59+0x13c72000000d5`de93f9c0 00007ff8`74f9fbcc : 00000000`00000000 00000000`00000000 000004f0`fffffb30 000004d0`fffffb30 : KERNEL32!BaseThreadInitThunk+0x17000000d5`de93f9f0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!RtlUserThreadStart+0x2c