That's not why
anything. There's no such thing as a "HTML5 buffer". There are ArrayBuffers, part of the WebGL/Typed Array spec, and there is buffering for some objects, like embedded tags. Please, don't say something
will be vulnerable to an exploit unless you're an expert with considerable experience on the subject.
Side note: there appears to be some confusion surrounding HTML5, furthered by useless posts by news sites that say the 3DS doesn't support HTML5. The 3DS already supports some features of HTML5, hell, some 10 year old browsers support certain features of HTML5 because HTML5 standardizes them. The fact is that
no browser is currently 100% conforming to the HTML5 specification, and the specification itself isn't yet finalized.
As for Nintendo increasing support of HTML5, who knows? The PS3 recently received a browser update, which included an improved rendering engine and increased the HTML5 score, so it's not completely out of the question. With regards to the browser being exploitable (and getting back on topic), don't get your hopes up. With theories of sandboxing and hypervisors, even if a vulnerability is found there's no guarantee of a hack.