The reward varies on the severity of the bug, and those deemed particularly critical or clever will receive the larger amount. Google admits that this program is nothing new, tipping its hat to Mozilla for the organization's "long-running and successful vulnerability reward program."
Virtually any security hole found in Stable, Beta, and Dev builds of the browser is eligible, and even some Chromium project plug-ins (such as Google Gears) and third-party components (like WebKit or libxml) qualify for payment.
Naturally, cash is doled out on a first come first served basis, so if you find a bug, be quick to submit it. Unfortunately, payment cannot be issued to some countries, including Cuba, Iran, North Korea, Sudan, and Syria.