Adobe Security Bulletin APSB15-09 for Adobe Flash Player describes multiple flaws that can possibly lead to code execution when Flash Player is used to play a specially crafted SWF file. Quoting from the APSB15-09: These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2015-3078, CVE-2015-3089, CVE-2015-3090, CVE-2015-3093). These updates resolve a heap overflow vulnerability that could lead to code execution (CVE-2015-3088). These updates resolve validation bypass issues that could be exploited to write arbitrary data to the file system under user permissions (CVE-2015-3082, CVE-2015-3083, CVE-2015-3085). These updates resolve an integer overflow vulnerability that could lead to code execution (CVE-2015-3087). These updates resolve a type confusion vulnerability that could lead to code execution (CVE-2015-3077, CVE-2015-3084, CVE-2015-3086). These updates resolve a use-after-free vulnerability that could lead to code execution (CVE-2015-3080). External References: https://helpx.adobe.com/security/products/flash-player/apsb15-09.html
This issue has been addressed in the following products: Supplementary for Red Hat Enterprise Linux 6 Supplementary for Red Hat Enterprise Linux 5 Via RHSA-2015:1005 https://rhn.redhat.com/errata/RHSA-2015-1005.html