Google Toolbar Dialog Spoofing Vulnerability by Aviv Raff discloses an exploit with Google’s Toolbar versions four and five. The exploit comes into play when a user adds a button to their Google toolbar. When added, a hacker can spoof the information displayed in the dialog box and influence that user to download malicious files on to their computers.
Aviv has a very detailed and clear example of how this exploit works at his blog. Google is reportedly working on a fix at the time of this release.