Mozilla Firefox 1.0.1 and possibly other versions, including Mozilla and Thunderbird, allows remote attackers to spoof the URL in the Status Bar via an A HREF tag that contains a TABLE tag that contains another A tag.Referenceshttps://exchange.xforce.ibmcloud.com/vulnerabilities/19540http://secunia.com/advisories/14568http://www.securityfocus.com/bid/12798http://securitytracker.com/id?1013423http://www.osvdb.org/14885http://marc.info/?l=full-disclosure&m=111073068631287&w=2http://www.vupen.com/english/advisories/2005/0260
