Visual truncation vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to trigger a vertical scroll and spoof URLs via unspecified Unicode characters with a tall line-height property.
https://bugzilla.mozilla.org/show_bug.cgi?id=453827
http://secunia.com/advisories/36670
http://secunia.com/advisories/36671
http://secunia.com/advisories/36692
http://secunia.com/advisories/37098
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10871
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5418
http://www.debian.org/security/2009/dsa-1885
http://www.mozilla.org/security/announce/2009/mfsa2009-50.html
http://www.novell.com/linux/security/advisories/2009_48_firefox.html