The host is installed with Google Chrome before 40.0.2214.91 and is prone to a HTML5 application content spoofing vulnerability. A flaw is present in the application, which proceeds with AppCache caching for SSL sessions even if there is an X.509 certificate error. Successful exploitation allows man-in-the-middle attackers to spoof HTML5 application content.