This whitepaper illustrates exploitation of an insufficient data validation vulnerability in the Chromium framework.
You can download it from the following link: https://packetstormsecurity.com/files/download/163176/spoofing-downloaded-filename.pdf
Source: https://packetstormsecurity.com/files/163176/Spoofing-Downloaded-Filenames-Extension-In-Chromium.html