Posted by Ricardo Iramar dos Santos on Feb 18

Oren Hafif reported a new kind of attack called Reflected File Download (
https://www.blackhat.com/eu-14/briefings.html#reflected-file-download-a-new-web-attack-vector)
in Black Hat Europe 2014 conference.
More details about the attack you can found in his public presentation:
https://www.blackhat.com/docs/eu-14/materials/eu-14-Hafif-Reflected-File-Download-A-New-Web-Attack-Vector.pdf
.
Google and Bing have already fixed the vulnerability but…