Endpoint Vulnerability

Buffer overflow parsing HTML5 fragments

Description

Security researcher firehack reported a buffer overflow when parsing HTML5 fragments in a foreign context such as under an node. This results in a potentially exploitable crash when inserting an HTML fragment into an existing document.

Affected Products

Firefox

References

CVE-2016-2819,