The same-origin policy vulnerability in Adobe Flash is more serious than just a simple software flaw, experts say. It illustrates a fundamental flaw in the way that Flash objects are handled by Web servers and Web browsers, alike, leading to a serious weakness on both ends of the Internet communication channel. Adobe said that the problems Bailey outlined do not represent a vulnerability s Adobe Flash Player. The technology pays no attention to content headers and file extensions and instead relies on the file headers to identify a given file.
Source: https://threatpost.com/adobe-flash-vulnerability-serious-problem-experts-say-111609/73107/