Endpoint Vulnerability

Use-after-free in HTML5 string parser

Description

Security researcher ca0nguyen, working with HP's Zero Day Initiative, reported a use-after-free issue in the HTML5 string parser when parsing a particular set of table-related tags in a foreign fragment context such as SVG. This results in a potentially exploitable crash.

Affected Products

Firefox

References

CVE-2016-1960,