Looks like you are having mod_security issue.
I had the same problem and got my hosting company to change the mod_security and it worked fine after that.
Similar issue here [wordpress.org...]
Hope it's an easy fix for you.
I'd look for any changes in your .htaccess or a path issue. Try clearing cookies (or just use a different browser,) it may be some caching issue in your browser (long shot.)
<for others reading and arriving due to mod_security issues with wordpress>
If you can upload using the classic uploader, but not the Flash uploader, it's likely the Shockwave/Flash mod_security SecRule. Check your mod_security logs.
You don't really want to remove it completely, it's a good thing that it's there. You want to remove it ONLY for async-upload.php. First verify there's an ID on the SecRule, if not, you can arbitrarily add one. Leave a comment so someone knows what you're up to:
## see custom.conf, removedById
SecRule HTTP_User-Agent "^Shockwave Flash" "id:345343245"
If the secRule already has an ID, no need to modify it, just use the ID that's present.
Then mod the config to remove the rule by id for the location. I used custom.conf, which was an empty file. If it doesn't exist, create it and make sure it's used in the main config:
How you would access these varies by host - While the mod_security config file is accessible via WHM, I still had to SSH to the box to create and mod custom.conf.
I posted this in the Apache Forum on discovery asking if this was the most accurate approach and got no answer, so anyone with better ideas speak up. :-)
What file format is the image?
The image is being uploaded and crunched (have checked via FTP and it appears in the gallery listing), so it is not the uploader function that is the issue.
I have tried this on 4 different browsers on 2 different computers so again it is not a caching problem.
Geesh. Since you know the path directly to the image, can you view the image using the path instead of using WordPress? If you can, then you are having some form of WordPress issue and may want to bring this up on the WordPress support forum instead. If you can't, then it sounds like you're having some form of server issue and will need to speak with your host about the issue.
I have posted on the WP support forum and had no serious help and as no one else is having the same issue I will have to ask the hosting company to look into it then.
It was a mod_security issue! All sorted now they've disabled it on our domains
I knew it was ;)
Glad you got it sorted :)