CVE-2007-0671

8.8 HIGH CISA KEV - Actively Exploited

Published: February 03, 2007 Modified: October 22, 2025

Description

Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in targeted zero-day attacks.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0

Vector String

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://osvdb.org/31901

Source: secure@microsoft.com

http://secunia.com/advisories/24008

Source: secure@microsoft.com

Vendor Advisory

http://securitytracker.com/id?1017584

Source: secure@microsoft.com

http://vil.nai.com/vil/content/v_141393.htm

Source: secure@microsoft.com

http://www.avertlabs.com/research/blog/?p=191

Source: secure@microsoft.com

http://www.kb.cert.org/vuls/id/613740

Source: secure@microsoft.com

US Government Resource

http://www.microsoft.com/technet/security/advisory/932553.mspx

Source: secure@microsoft.com

Vendor Advisory

http://www.securityfocus.com/bid/22383

Source: secure@microsoft.com

http://www.us-cert.gov/cas/techalerts/TA07-044A.html

Source: secure@microsoft.com

US Government Resource

http://www.vupen.com/english/advisories/2007/0463

Source: secure@microsoft.com

Vendor Advisory

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-015

Source: secure@microsoft.com

https://exchange.xforce.ibmcloud.com/vulnerabilities/32178

Source: secure@microsoft.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A301

Source: secure@microsoft.com

http://osvdb.org/31901

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/24008

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://securitytracker.com/id?1017584

Source: af854a3a-2127-422b-91ae-364da2661108

http://vil.nai.com/vil/content/v_141393.htm

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.avertlabs.com/research/blog/?p=191

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.kb.cert.org/vuls/id/613740

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

http://www.microsoft.com/technet/security/advisory/932553.mspx

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/bid/22383

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.us-cert.gov/cas/techalerts/TA07-044A.html

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

http://www.vupen.com/english/advisories/2007/0463

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-015

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/32178

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A301

Source: af854a3a-2127-422b-91ae-364da2661108

https://learn.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-015

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2007-0671

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

28 reference(s) from NVD

Quick Stats

CVSS v3 Score

8.8 / 10.0

EPSS (Exploit Probability)

68.4%

99th percentile

Exploitation Status

Actively Exploited

Remediation due: 2025-09-02

Affected Vendors

microsoft