"First off, it's a garden variety use-after-free, not a heap overflow, and it affects the SVG parser Firefox."
So the flaw isn't an extremely incompetent programmer, just a garden-variety terrible programmer? Seriously, use after free errors are way too basic of an error to occur with something that is supposed to be secure. I'm concerned that this was caused by a programmer getting too many 'potential use-after-free' error messages that the compiler was throwing so just decided to turn that feature off rather than try to fix the errors.
As for SVGs, why in the holy fuck, does an -image parser- have access to networking functions? The only thing it should be doing is to draw shapes on a canvas and then send the canvas to a BMP for the browser to paste into the webpage.
Oh well, I suppose its back to Lynx for my secure web browsing needs...