CVE-2012-5118

Google Chrome before 23.0.1271.64 on Mac OS X does not properly validate an integer value during the handling of GPU command buffers, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Published: 2012-11-07 Last update: 2026-06-16 Assigner: [email protected] Source: [email protected]

Conclusion & alert: CVE-2012-5118 is rated Moderate Risk (53.5/100): CVSS High severity, with medium exploitation likelihood (EPSS 1.27%). Mandatory action: Review affected assets and schedule remediation.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2012-5118

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2026-06-15 0.89% 1.27% +0.39%
2 2025-03-30 1.30% 0.89% -0.41%
3 2025-03-29 1.30%

Full EPSS history (5 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2012-5118

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
7.5 2.0 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P Click to expand
Access vector (AV:N)
Can be exploited remotely over network reachability.
Access complexity (AC:L)
Exploitation conditions are straightforward and predictable.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:P)
Partial confidentiality impact.
Integrity impact (I:P)
Partial integrity impact.
Availability impact (A:P)
Partial availability impact.
10.0 6.4 [email protected]

Weakness enumeration for CVE-2012-5118

OS Trackers for CVE-2012-5118

vendor priority summary link
gentoo high CVE-2012-5118: 1 GLSA(s) (201309-16), 2 atom(s) (dev-lang/v8, www-client/chromium); latest impact high. https://bugs.gentoo.org/buglist.cgi?quicksearch=CVE-2012-5118
ubuntu medium CVE-2012-5118 medium priority: Ubuntu including 1 source packages (chromium-browser), 6 status rows across 6 suites (hardy, lucid, oneiric, precise, quantal, upstream): not-affected 4, DNE 1, released 1. https://ubuntu.com/security/CVE-2012-5118

Affected software / configurations for CVE-2012-5118

Vendor Product Version Raw CPE
google chrome <= 23.0.1271.62 cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
google chrome 23.0.1271.0 cpe:2.3:a:google:chrome:23.0.1271.0:*:*:*:*:*:*:*
google chrome 23.0.1271.1 cpe:2.3:a:google:chrome:23.0.1271.1:*:*:*:*:*:*:*
google chrome 23.0.1271.2 cpe:2.3:a:google:chrome:23.0.1271.2:*:*:*:*:*:*:*
google chrome 23.0.1271.3 cpe:2.3:a:google:chrome:23.0.1271.3:*:*:*:*:*:*:*
google chrome 23.0.1271.4 cpe:2.3:a:google:chrome:23.0.1271.4:*:*:*:*:*:*:*
google chrome 23.0.1271.5 cpe:2.3:a:google:chrome:23.0.1271.5:*:*:*:*:*:*:*
google chrome 23.0.1271.6 cpe:2.3:a:google:chrome:23.0.1271.6:*:*:*:*:*:*:*
google chrome 23.0.1271.7 cpe:2.3:a:google:chrome:23.0.1271.7:*:*:*:*:*:*:*
google chrome 23.0.1271.8 cpe:2.3:a:google:chrome:23.0.1271.8:*:*:*:*:*:*:*
google chrome 23.0.1271.9 cpe:2.3:a:google:chrome:23.0.1271.9:*:*:*:*:*:*:*
google chrome 23.0.1271.10 cpe:2.3:a:google:chrome:23.0.1271.10:*:*:*:*:*:*:*
google chrome 23.0.1271.11 cpe:2.3:a:google:chrome:23.0.1271.11:*:*:*:*:*:*:*
google chrome 23.0.1271.12 cpe:2.3:a:google:chrome:23.0.1271.12:*:*:*:*:*:*:*
google chrome 23.0.1271.13 cpe:2.3:a:google:chrome:23.0.1271.13:*:*:*:*:*:*:*
google chrome 23.0.1271.14 cpe:2.3:a:google:chrome:23.0.1271.14:*:*:*:*:*:*:*
google chrome 23.0.1271.15 cpe:2.3:a:google:chrome:23.0.1271.15:*:*:*:*:*:*:*
google chrome 23.0.1271.16 cpe:2.3:a:google:chrome:23.0.1271.16:*:*:*:*:*:*:*
google chrome 23.0.1271.17 cpe:2.3:a:google:chrome:23.0.1271.17:*:*:*:*:*:*:*
google chrome 23.0.1271.18 cpe:2.3:a:google:chrome:23.0.1271.18:*:*:*:*:*:*:*
google chrome 23.0.1271.19 cpe:2.3:a:google:chrome:23.0.1271.19:*:*:*:*:*:*:*
google chrome 23.0.1271.20 cpe:2.3:a:google:chrome:23.0.1271.20:*:*:*:*:*:*:*
google chrome 23.0.1271.21 cpe:2.3:a:google:chrome:23.0.1271.21:*:*:*:*:*:*:*
google chrome 23.0.1271.22 cpe:2.3:a:google:chrome:23.0.1271.22:*:*:*:*:*:*:*
google chrome 23.0.1271.23 cpe:2.3:a:google:chrome:23.0.1271.23:*:*:*:*:*:*:*
google chrome 23.0.1271.24 cpe:2.3:a:google:chrome:23.0.1271.24:*:*:*:*:*:*:*
google chrome 23.0.1271.26 cpe:2.3:a:google:chrome:23.0.1271.26:*:*:*:*:*:*:*
google chrome 23.0.1271.30 cpe:2.3:a:google:chrome:23.0.1271.30:*:*:*:*:*:*:*
google chrome 23.0.1271.31 cpe:2.3:a:google:chrome:23.0.1271.31:*:*:*:*:*:*:*
google chrome 23.0.1271.32 cpe:2.3:a:google:chrome:23.0.1271.32:*:*:*:*:*:*:*
google chrome 23.0.1271.33 cpe:2.3:a:google:chrome:23.0.1271.33:*:*:*:*:*:*:*
google chrome 23.0.1271.35 cpe:2.3:a:google:chrome:23.0.1271.35:*:*:*:*:*:*:*
google chrome 23.0.1271.36 cpe:2.3:a:google:chrome:23.0.1271.36:*:*:*:*:*:*:*
google chrome 23.0.1271.37 cpe:2.3:a:google:chrome:23.0.1271.37:*:*:*:*:*:*:*
google chrome 23.0.1271.38 cpe:2.3:a:google:chrome:23.0.1271.38:*:*:*:*:*:*:*
google chrome 23.0.1271.39 cpe:2.3:a:google:chrome:23.0.1271.39:*:*:*:*:*:*:*
google chrome 23.0.1271.40 cpe:2.3:a:google:chrome:23.0.1271.40:*:*:*:*:*:*:*
google chrome 23.0.1271.41 cpe:2.3:a:google:chrome:23.0.1271.41:*:*:*:*:*:*:*
google chrome 23.0.1271.44 cpe:2.3:a:google:chrome:23.0.1271.44:*:*:*:*:*:*:*
google chrome 23.0.1271.45 cpe:2.3:a:google:chrome:23.0.1271.45:*:*:*:*:*:*:*
google chrome 23.0.1271.46 cpe:2.3:a:google:chrome:23.0.1271.46:*:*:*:*:*:*:*
google chrome 23.0.1271.49 cpe:2.3:a:google:chrome:23.0.1271.49:*:*:*:*:*:*:*
google chrome 23.0.1271.50 cpe:2.3:a:google:chrome:23.0.1271.50:*:*:*:*:*:*:*
google chrome 23.0.1271.51 cpe:2.3:a:google:chrome:23.0.1271.51:*:*:*:*:*:*:*
google chrome 23.0.1271.52 cpe:2.3:a:google:chrome:23.0.1271.52:*:*:*:*:*:*:*
google chrome 23.0.1271.53 cpe:2.3:a:google:chrome:23.0.1271.53:*:*:*:*:*:*:*
google chrome 23.0.1271.54 cpe:2.3:a:google:chrome:23.0.1271.54:*:*:*:*:*:*:*
google chrome 23.0.1271.55 cpe:2.3:a:google:chrome:23.0.1271.55:*:*:*:*:*:*:*
google chrome 23.0.1271.56 cpe:2.3:a:google:chrome:23.0.1271.56:*:*:*:*:*:*:*
google chrome 23.0.1271.57 cpe:2.3:a:google:chrome:23.0.1271.57:*:*:*:*:*:*:*
google chrome 23.0.1271.58 cpe:2.3:a:google:chrome:23.0.1271.58:*:*:*:*:*:*:*
google chrome 23.0.1271.59 cpe:2.3:a:google:chrome:23.0.1271.59:*:*:*:*:*:*:*
google chrome 23.0.1271.60 cpe:2.3:a:google:chrome:23.0.1271.60:*:*:*:*:*:*:*
google chrome 23.0.1271.61 cpe:2.3:a:google:chrome:23.0.1271.61:*:*:*:*:*:*:*

References for CVE-2012-5118

cvelogic Threat Intelligence