Unpatched.ai can make mistakes. Public reports may be added, updated, or removed at any time.
Report ID: 2024-275
An improper input validation issue exists in Microsoft Access, specifically MSACCESS.EXE version 16.0.18227.20162 when opening a specially crafted file. By sending a target the file and convincing them to open it, an attacker could unlikely gain Remote Code Execution (RCE) on the target's computer due to the unpatched issue. However, even if RCE isn't achieved, the crash could result in Denial of Service (DoS) for the target application. In addition, likely due to how Microsoft Access handles recent files, file recovery, and file repair, it is possible the issue could result in a persistent DoS attack, where the application will continue to crash, even after reboot by the target.
ExceptionAddress: 00007fffb5edfd6d (mso20win32client!CrashWithRecovery+0x000000000000004d) ExceptionCode: c0000005 (Access violation) ExceptionFlags: 00000000NumberParameters: 2 Parameter[0]: 0000000000000001 Parameter[1]: 0000000000000000Attempt to write to address 0000000000000000Child-SP RetAddr : Args to Child : Call Site00000073`bd1cf1a0 00007fff`b6101b66 : 000001c1`01483052 00000000`00000000 00000000`00000000 00000000`00000000 : mso20win32client!CrashWithRecovery+0x4d00000073`bd1cf200 00007ff8`726f1ee9 : 00000000`00000016 000001c1`12743b78 00000000`00000000 00000000`00000016 : mso20win32client!EnableAbortRedirectLiblet::Uninit+0x9300000073`bd1cf270 00007ff8`726d5011 : 000001c1`12745b01 000001c1`00000000 00000000`00000000 00000073`bd1cf320 : ucrtbase!raise+0x1d900000073`bd1cf2f0 00007ff7`0c56e0ba : 00007fff`00000003 00000000`00000003 ffffffff`fffffffe 000001c1`04cd0ff0 : ucrtbase!abort+0x3100000073`bd1cf320 00007ff8`726f1f37 : 000001c1`12745b78 000001c1`12743b78 00000000`00000000 000001c1`12739778 : msaccess!SetEnumIntlView+0x202a00000073`bd1cf350 00007ff7`0c5c7ed1 : 000001c1`12745b78 00007fff`b64bc560 000001c1`12743b78 00000000`00000083 : ucrtbase!terminate+0x1700000073`bd1cf380 00007ff7`0c5ca322 : 000001c1`12745b78 00000000`00000000 00000000`00000083 000001c1`12743b78 : msaccess!SizeCallback+0x513e100000073`bd1cf3b0 00007ff7`0c89f79e : 00000073`bd1cf458 000001c1`63c7a860 00000000`00000083 00000000`0000fa47 : msaccess!SizeCallback+0x5383200000073`bd1cf410 00007ff7`0c89f846 : 000001c1`12739778 00000073`bd1d0328 00000073`bd1d0328 00000000`0000fea0 : msaccess!AccessLoadString+0x25afe00000073`bd1d02e0 00007ff7`0c89f846 : 000001c1`012deff0 00000073`bd1d11f8 00000073`bd1d11f8 00000000`0000ff45 : msaccess!AccessLoadString+0x25ba600000073`bd1d11b0 00007ff7`0c89f846 : 000001c1`12719d48 00000073`bd1d20c8 00000073`bd1d20c8 00000000`0000000d : msaccess!AccessLoadString+0x25ba600000073`bd1d2080 00007ff7`0c89f846 : 000001c1`11b00ff0 00000073`bd1d2f98 00000073`bd1d2f98 00000000`00000000 : msaccess!AccessLoadString+0x25ba600000073`bd1d2f50 00007ff7`0c8a6d2a : 00000000`0000000c 000001c1`2b713f70 00000073`bd1d5f90 00000000`00000001 : msaccess!AccessLoadString+0x25ba600000073`bd1d3e20 00007ff7`0c8a61a8 : 00000000`00000000 00000000`00000000 00000073`bd1d76c0 00000000`00000001 : msaccess!AccessLoadString+0x2d08a00000073`bd1d45e0 00007ff7`0c89e772 : 00000000`00000102 000001c1`63c7a860 00000000`00008000 00000000`00000000 : msaccess!AccessLoadString+0x2c50800000073`bd1d5ee0 00007ff7`0c652af6 : 00000000`00000000 00007ff7`0cbcbd57 00000206`00000008 00007ff8`7507084c : msaccess!AccessLoadString+0x24ad200000073`bd1d6300 00007ff7`0c652989 : 00000073`bd1d76c0 00007ff7`0c685d6e 00000000`00000080 00000000`00000001 : msaccess!SizeCallback+0xdc00600000073`bd1d64f0 00007ff7`0c64b6d8 : 00000000`00000080 000001c1`63c7a860 00000000`00000202 00000000`00000000 : msaccess!SizeCallback+0xdbe9900000073`bd1d6550 00007ff7`0c64d0d9 : 0000d545`32780394 00000000`00000080 00000073`bd1d84f0 00000000`00000202 : msaccess!SizeCallback+0xd4be800000073`bd1d7820 00007ff7`0c8227c2 : 00000000`00000000 00000073`bd1d8720 00000000`000007d1 00000000`00008000 : msaccess!SizeCallback+0xd65e900000073`bd1d78d0 00007ff7`0c4f1aa6 : 00000000`f229a6a0 00000073`bd1d8720 00000000`00000001 00000073`bd1d8720 : msaccess!MSAU_GetSizeList+0x3f37200000073`bd1d84a0 00007ff7`0c4e936f : 00000000`00000001 00000000`00000016 00000000`00000001 00000073`bd1d8720 : msaccess!MSAU_ErrSortStringArray+0x1d93600000073`bd1d8620 00007ff7`0c5091d6 : 000001c1`0d2c9fe0 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x151ff00000073`bd1d89c0 00007ff7`0c504855 : 00000073`bd1dc6a0 00000000`00000000 00007ff8`74f9fbcc 00000073`bd1ddfe0 : msaccess!MSAU_ErrSortStringArray+0x3506600000073`bd1dc640 00007ff7`0c4fe5e7 : 00000000`00000105 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x306e500000073`bd1ddef0 00007ff7`0c50512a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000001 : msaccess!MSAU_ErrSortStringArray+0x2a47700000073`bd1df5d0 00007ff7`0c7c2e8f : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!MSAU_ErrSortStringArray+0x30fba00000073`bd1dfaf0 00007ff7`0c7c3fa5 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!GetAccessIntellisenseManager+0x5cdef00000073`bd1dfc90 00007ff7`0c333c72 : 00000000`0000000a 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!GetAccessIntellisenseManager+0x5df0500000073`bd1dfd70 00007ff8`72f7e8d7 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msaccess!Ordinal59+0x13c7200000073`bd1dfdb0 00007ff8`74f9fbcc : 00000000`00000000 00000000`00000000 000004f0`fffffb30 000004d0`fffffb30 : KERNEL32!BaseThreadInitThunk+0x1700000073`bd1dfde0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!RtlUserThreadStart+0x2c