CVE-2007-1970
Mozilla Firefox does not warn the user about HTTP elements on an HTTPS page when the HTTP elements are dynamically created by a delayed document.write, which allows remote attackers to supply unauthenticated content and conduct phishing attacks.
Date published : 2007-04-11
http://www.securityfocus.com/archive/1/464719/100/0/threaded