EIP-2026-102686

PRE-CVE

Mozilla Firefox 1.0.x/1.5 - HTML Parsing Null Pointer Dereference Denial of Service

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-102686. PoCs published by Thomas Waldegger.

AI-analyzed exploit summary This exploit demonstrates a denial-of-service vulnerability in Mozilla Firefox by using malformed HTML content. The specific combination of tags causes the browser to fail or hang.

Description

Mozilla Firefox 1.0.x/1.5 - HTML Parsing Null Pointer Dereference Denial of Service

Exploits (1)

exploitdb WORKING POC VERIFIED

by Thomas Waldegger · textdoslinux

https://www.exploit-db.com/exploits/27635

View Code ZIP pw:eip

This exploit demonstrates a denial-of-service vulnerability in Mozilla Firefox by using malformed HTML content. The specific combination of tags causes the browser to fail or hang.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Mozilla Firefox versions 1.5.0.1 and prior

No auth needed

Prerequisites: A vulnerable version of Mozilla Firefox · Ability to deliver malformed HTML content to the target

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026