Everyone needs to take a breath, and take a look at the CapOne web site. The certificate contains the correct URL for that page. The problem is NOT the SSL cert; it's the stupid Verisign seal thingy.
That Verisign seal thingy is coded to show the wrong sub-domain. Apparently CapitalOne created a seal for one sub-domain and inappropriately used it on a page in a different domain. They could do that because nothing the seal prevents it's use in the wrong domain. It won't even alert the user to an erroneous use.
That's the problem with the Verisign assurance seal. It assures absolutely nothing.
For yucks, create a Versign seal -- but pay attention to their rules!