Cyber Resilience

CVE-2007-0671

High | CISA KEV | Active Exploitation | EUVD Exploited

Published: 03 February 2007

Modified: 22 April 2026
KEV Added: 12 August 2025
Patch
CVSS Score v3.1: 8.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
EPSS Score: 0.5233 (98.0th percentile)
Risk Priority: 69 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2007-0671 is a high-severity vulnerability in Microsoft Office whose underlying weakness is unspecified. Its CVSS base score is 8.8 (High).

Operationally, it is ranked in the top 2.0% of CVEs by exploit likelihood, and CISA has added it to the Known Exploited Vulnerabilities catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and SI-3 (Malicious Code Protection).

Deeper analysis

CVE-2007-0671 is an unspecified vulnerability affecting Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products. It enables remote attackers to execute arbitrary code through unknown attack vectors, as demonstrated by Exploit-MSExcel.h. The issue carries a CVSS 3.1 score of 8.8, reflecting a network attack vector, low attack complexity, no required privileges, required user interaction, and high impact on confidentiality, integrity, and availability.

The vulnerability can be exploited by remote attackers who deliver a malicious file that a user must open, resulting in arbitrary code execution on the target system. This vector was observed in targeted zero-day attacks against specific victims.

Public references such as OSVDB 31901, Secunia advisory 24008, and McAfee Avert Labs reporting document the issue and associated exploit activity, though specific patch or mitigation details are not enumerated in the CVE record itself. The flaw was disclosed in early 2007 amid active exploitation campaigns.

Vulnerability details

Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in targeted zero-day attacks.

CWE(s)
KEV Date Added: 12 August 2025

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Vendor | Product | Versions
microsoft | access | 2000, 2002, 2003
microsoft | excel | 2000, 2002, 2003
microsoft | excel viewer | 2003
microsoft | frontpage | 2000, 2002, 2003
microsoft | infopath | 2003
microsoft | office | 2000, 2003, 2004, xp
microsoft | onenote | 2003
microsoft | outlook | 2000, 2002, 2003
microsoft | powerpoint | 2000, 2002, 2003
microsoft | project | 2000, 2002, 2003
+4 more product configuration(s) — see NVD for full list

Mitigating Controls (NIST 800-53 r5)

Prevent, detect: Malicious code protection mechanisms (AV, sandboxing, attachment scanning) directly inspect and block the malicious Excel files used to trigger arbitrary code execution.

Prevent: Flaw remediation requires prompt application of vendor patches that close the unspecified Excel code-execution vulnerability before exploitation.

Prevent: Least functionality restricts Excel features (e.g., macros, embedded objects) that remote attackers rely on to deliver and execute malicious payloads.
