CVE-2008-4788 Information

Description

Microsoft Internet Explorer 6 omits high-bit URL-encoded characters when displaying the address bar which allows remote attackers to spoof the address bar via a URL with a domain name that differs from an important domain name only in these characters as demonstrated by using examA9ple.com to spoof example.com aka MSRC ticket MSRC7900.

Reference

http://www.securityfocus.com/archive/1/497825/100/0/threaded http://www.securityfocus.com/archive/1/497827/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/46235