Mozilla Firefox 2.0.0.11, 3.0b2, and possibly earlier versions, when prompting for HTTP Basic Authentication, displays the site requesting the authentication after the Realm text, which might make it easier for remote HTTP servers to conduct phishing and spoofing attacks.
Any news on this one?
Fixed in firefox3
In 2.x, too, I guess?
Nothing for mozilla to do here.
Fixed as per https://bugzilla.mozilla.org/show_bug.cgi?id=244273
This issue was resolved and addressed in GLSA 201301-01 at http://security.gentoo.org/glsa/glsa-201301-01.xml by GLSA coordinator Sean Amoss (ackle).