The host is installed with Google Chrome before 3.0.195.32 and is prone to an incomplete blacklist vulnerability. A flaw is present in the application, which fails to handle a "Content-Disposition: attachment" designation. Successful exploitation allows remote attackers to force the download of certain dangerous files.