The unicode latin 'kra' character can be used to spoof a standard 'k' character in the addressbar. This allows for domain spoofing attacks as do not display as punycode text, allowing for user confusion.
Name: the Mozilla project
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):