9.3
CVE-2007-0671
- EPSS 68.36%
- Published 03.02.2007 01:28:00
- Last modified 13.08.2025 01:00:01
- Source secure@microsoft.com
- Teams watchlist Login
- Open Login
Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in targeted zero-day attacks.
Data is provided by the National Vulnerability Database (NVD)
Microsoft ≫ Excel Viewer Version2003
Microsoft ≫ Powerpoint Version2000
Microsoft ≫ Powerpoint Version2002
Microsoft ≫ Powerpoint Version2003
Microsoft ≫ Powerpoint Version2004 Editionmac
Microsoft ≫ Word Viewer Version2003
12.08.2025: CISA Known Exploited Vulnerabilities (KEV) Catalog
Microsoft Office Excel Remote Code Execution Vulnerability
VulnerabilityMicrosoft Office Excel contains a remote code execution vulnerability that can be exploited when a specially crafted Excel file is opened. This malicious file could be delivered as an email attachment or hosted on a malicious website. An attacker could leverage this vulnerability by creating a specially crafted Excel file, which, when opened, allowing an attacker to execute remote code on the affected system.
DescriptionApply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Required actions| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 68.36% | 0.986 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|