CVE-2007-0671
HIGH KEVMicrosoft Excel 2000, XP, 2003, and 2004 for Mac - Remote Code Execution
Title source: llmExploitation Summary
CVE-2007-0671 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added August 12, 2025.
Description
Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in targeted zero-day attacks.
References (15)
Core 15
Core References
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/0463
Vendor Advisory x_refsource_confirm
http://www.microsoft.com/technet/security/advisory/932553.mspx
US Government Resource third-party-advisory
x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA07-044A.html
Vendor Advisory vendor-advisory
x_refsource_ms
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-015
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/32178
Third Party Advisory, US Government Resource
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2007-0671
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A301
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/31901
US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/613740
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1017584
Various Sources x_refsource_misc
http://www.avertlabs.com/research/blog/?p=191
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/24008
Various Sources x_refsource_misc
http://vil.nai.com/vil/content/v_141393.htm
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/22383
Scores
CVSS v3
8.8
EPSS
0.5233
EPSS Percentile
98.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
active
Automatable
no
Technical Impact
total
Details
CISA KEV
2025-08-12
VulnCheck KEV
2013-03-21
ENISA EUVD
EUVD-2007-0668
Status
published
Products (36)
microsoft/access
2000
microsoft/access
2002
microsoft/access
2003
microsoft/excel
2000
microsoft/excel
2002
microsoft/excel
2003
microsoft/excel
2004
microsoft/excel_viewer
2003
microsoft/frontpage
2000
microsoft/frontpage
2002
... and 26 more
Published
Feb 03, 2007
KEV Added
Aug 12, 2025
Tracked Since
Feb 18, 2026