chromium is vulnerable to heap-based buffer overflow. The vulnerability exists in downloading an HTML file not properly validate which allows an attacker can add a malicious code to the certificate to overflow four attacker-controlled bytes on the stack.