Adobe Security Bulletin APSB16-29 for Adobe Flash Player describes multiple flaws that can possibly lead to code execution when Flash Player is used to play a specially crafted SWF file.
Quoting from the APSB16-29:
These updates resolve an integer overflow vulnerability that could lead to code execution (CVE-2016-4287).
These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, CVE-2016-6932).
These updates resolve security bypass vulnerabilities that could lead to information disclosure (CVE-2016-4271, CVE-2016-4277, CVE-2016-4278).
These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2016-4182, CVE-2016-4237, CVE-2016-4238, CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, CVE-2016-6924).
Note that APSB16-29 claims to fix CVE-2016-4182, CVE-2016-4237, and CVE-2016-4238. Those issue are also listed as fixed in APSB16-25 released in July - see bug 1355971.
(In reply to Tomas Hoger from comment #1)
> Note that APSB16-29 claims to fix CVE-2016-4182, CVE-2016-4237, and
> CVE-2016-4238. Those issue are also listed as fixed in APSB16-25 released
> in July - see bug 1355971.
APSB16-29 was updated to remove those incorrectly listed CVEs:
September 13, 2016: Removed CVE-2016-4182, CVE-2016-4237 and CVE-2016-4238,
which were inadvertently included in the original version of this bulletin.
This issue has been addressed in the following products:
Red Hat Enterprise Linux 6 Supplementary
Red Hat Enterprise Linux 5 Supplementary
Via RHSA-2016:1865 https://rhn.redhat.com/errata/RHSA-2016-1865.html