CVE-2007-0208
Microsoft Office 2000/2003/XP/2004 for Mac - Remote Code Execution via Malicious Macro
Title source: llmDescription
Microsoft Word in Office 2000 SP3, XP SP3, Office 2003 SP2, Works Suite 2004 to 2006, and Office 2004 for Mac does not correctly check the properties of certain documents and warn the user of macro content, which allows user-assisted remote attackers to execute arbitrary code.
References (7)
Core 7
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1017639
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/0583
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/34385
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A700
US Government Resource third-party-advisory
x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA07-044A.html
Vendor Advisory vendor-advisory
x_refsource_ms
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-014
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/22477
Scores
EPSS
0.3011
EPSS Percentile
98.0%
Details
CWE
CWE-20
Status
published
Products (11)
microsoft/office
2000 sp3
microsoft/office
2003 sp2
microsoft/office
2004
microsoft/office
xp sp3
microsoft/word
2000
microsoft/word
2002
microsoft/word
2003
microsoft/word_viewer
2003
microsoft/works
2004
microsoft/works
2005
... and 1 more
Published
Feb 13, 2007
Tracked Since
Feb 18, 2026