Adobe Flash Player 9.0.124.0 adds a new feature to perform a cross-domain policy file check before allowing a SWF file to send HTTP headers to a different domain.
Public now via: http://www.adobe.com/support/security/bulletins/apsb08-11.html Lifting embargo.
This issue was addressed in: Red Hat Enterprise Linux Extras: http://rhn.redhat.com/errata/RHSA-2008-0221.html