CVE-2007-0671

Severity

93%

Complexity

86%

Confidentiality

165%

Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in targeted zero-day attacks.

Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in targeted zero-day attacks.

CVSS 2.0 Base Score 9.3. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C).

Overview

First reported 18 years ago

2007-02-03 01:28:00

Last updated 6 years ago

2018-10-12 21:42:00

Affected Software

Microsoft Access 2000

2000

Microsoft Access 2002

2002

Microsoft Access 2003

2003

マイクロソフト エクセル 2000

2000

Microsoft Excel 2002

2002

マイクロソフト エクセル 2003

2003

Microsoft Excel Viewer 2003

2003

Microsoft Frontpage 2000

2000

Microsoft Frontpage 2002

2002

Microsoft Frontpage 2003

2003

Microsoft InfoPath 2003

2003

Microsoft Office 2000 sp3

2000

Microsoft Office 2003 sp2

2003

Microsoft Office 2004 Mac

2004

Microsoft Office XP Service Pack 3

xp

Microsoft OneNote 2003

2003

Microsoft Outlook 2000

2000

Microsoft Outlook 2002

2002

Microsoft Outlook 2003

2003

Microsoft PowerPoint 2000

2000

Microsoft PowerPoint 2002

2002

Microsoft PowerPoint 2003

2003

Microsoft Project 2000 sr1

2000

Microsoft Project 2002 sp1

2002

Microsoft Office Project 2003

2003

Microsoft Publisher 2000

2000

Microsoft Publisher 2002

2002

Microsoft Publisher 2003

2003

Microsoft Visio 2002 Service Pack 2

2002

Microsoft Visio 2003

2003

Microsoft Word 2000

2000

Microsoft Word 2002

2002

Microsoft Word 2003

2003

Microsoft Word Viewer 2003

2003

References

31901

24008

Vendor Advisory

1017584

http://vil.nai.com/vil/content/v_141393.htm

http://www.avertlabs.com/research/blog/?p=191

VU#613740

US Government Resource

http://www.microsoft.com/technet/security/advisory/932553.mspx

Vendor Advisory

22383

TA07-044A

US Government Resource

ADV-2007-0463

Vendor Advisory

MS07-015

office-unspecified-code-execution(32178)

oval:org.mitre.oval:def:301

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.