Adobe Security Bulletin APSB15-28 for Adobe Flash Player describes multiple flaws that can possibly lead to code execution when Flash Player is used to play a specially crafted SWF file. Quoting from the APSB15-28: These updates resolve a type confusion vulnerability that could lead to code execution (CVE-2015-7659). These updates resolve a security bypass vulnerability that could be exploited to write arbitrary data to the file system under user permissions (CVE-2015-7662). These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, CVE-2015-8046). External References: https://helpx.adobe.com/security/products/flash-player/apsb15-28.html
This issue has been addressed in the following products: Supplementary for Red Hat Enterprise Linux 5 Via RHSA-2015:2024 https://rhn.redhat.com/errata/RHSA-2015-2024.html
This issue has been addressed in the following products: Supplementary for Red Hat Enterprise Linux 6 Via RHSA-2015:2023 https://rhn.redhat.com/errata/RHSA-2015-2023.html