CVE-2004-1451 Information

Description

Mozilla before 1.6 does not display the entire URL in the status bar when a link contains 00 which could allow remote attackers to trick users into clicking on unknown or untrusted sites and facilitate phishing attacks.

Reference

http://bugzilla.mozilla.org/show_bug.cgi?id=228176 http://secunia.com/advisories/10419/ http://www.mozilla.org/projects/security/known-vulnerabilities.html