As part of an ongoing investigation on Adobe Flash SOP bypass techniques, we identified a vulnerability affecting old releases of the Adobe Flex SDK compiler. Further investigation traced the issue back to a known vulnerability (CVE-2011-2461), already patched by Adobe in apsb11-25.
more here...........http://blog.nibblesec.org/2015_03_01_archive.html
more here...........http://blog.nibblesec.org/2015_03_01_archive.html