Vulnerability Details : CVE-2012-5118
Google Chrome before 23.0.1271.64 on Mac OS X does not properly validate an integer value during the handling of GPU command buffers, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
Vulnerability category: Input validationDenial of service
Products affected by CVE-2012-5118
- cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.55:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.54:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.45:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.44:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.35:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.33:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.21:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.20:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.13:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.12:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.5:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.4:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.58:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.57:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.56:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.49:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.46:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.37:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.36:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.23:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.22:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.15:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.14:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.7:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.6:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.61:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.53:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.52:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.41:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.40:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.32:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.31:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.19:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.18:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.11:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.10:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.3:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.2:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.60:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.59:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.51:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.50:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.39:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.38:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.30:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.26:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.24:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.17:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.16:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.9:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.8:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.0:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2012-5118
0.87%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 80 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2012-5118
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
CWE ids for CVE-2012-5118
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2012-5118
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/79865
Google Chrome code execution CVE-2012-5118 Vulnerability Report
-
https://code.google.com/p/chromium/issues/detail?id=149717
149717 - Security: integer overflow in webgl on osx - chromium - Monorail
-
http://googlechromereleases.blogspot.com/2012/11/stable-channel-release-and-beta-channel.html
Chrome Releases: Stable Channel Release and Beta Channel UpdateVendor Advisory
-
http://www.securityfocus.com/bid/56413
Google Chrome Prior to 23.0.1271.64 Multiple Security Vulnerabilities
Jump to