The Mozilla Foundation has released Firefox 73 that addresses multiple vulnerabilities. Attackers could exploit some of the vulnerabilities to take control of impacted systems.
In the latest security advisory 2020-05, Mozilla addressed three high severity and three moderate rated vulnerabilities.
The fixed high risk bugs include:
- CVE-2020-6796: Missing bounds check on shared memory read in the parent process
- CVE-2020-6800: Memory safety bugs
- CVE-2020-6801: Memory safety bugs.
Also, Mozilla noted that the memory safety bugs could be exploited to run arbitrary code.
In addition to Firefox 73, Mozilla also released security updates for Firefox ESR 68.5 and Thunderbird 68.5.