The host is installed with Google Chrome before 37.0.2062.94 and is prone to extension permission dialog spoofing vulnerability. A flaw is present in the application, which does not prevent use of a '\0' character in a host name. Successful exploitation allow attackers to spoof the extension permission dialog by relying on truncation after this character.