Security Issue with Adobe Flash Player

Report · Mar 06, 2018

Hi Adobe Experts,

We are using adobe flash player to display Approval graph for Oracle Hyperion. The network team has stopped the adobe flash player due to below vulnerability issues: -

Flash file served by HTTP host without domain name detected

File-Flash_Suspicious-Content-From-IP-Address-Host

Kindly Suggest, how to handle this

Regards,

Chandan Mishra

Report · Mar 07, 2018

Hi Chandan,

Do you have cross-domain policy file in place on your server? Seems to be permission control issue. Please go through mentioned links: Cross-domain policy file specification | Adobe Developer Connection, Adobe Flash Platform * Permission controls. Hope this will help you resolving the issue.

Thanks!

Report · Mar 09, 2018

This has nothing to do with Flash Player per se.

The error that you're reporting is saying that your web-based application is requesting a .SWF file from a host on your network that's referenced only by it's IP address. You would need to either work with your network team to whitelist that particular IP address from their security rule, or you'd need to modify your internal application to serve the offending link from a corresponding hostname and not just an IP address.

I presume that this requirement exists because your IT team manages DNS, and by banning IP address accesses, they can ensure that any new servers added to the network go through them for proper vetting.

Adobe Community

Security Issue with Adobe Flash Player