Adobe Security Bulletin APSB15-25 for Adobe Flash Player describes multiple flaws that can possibly lead to code execution when Flash Player is used to play a specially crafted SWF file. Quoting from the APSB15-25: These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2015-7629, CVE-2015-7631, CVE-2015-7643, CVE-2015-7644). These updates resolve a buffer overflow vulnerability that could lead to code execution (CVE-2015-7632). These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2015-7625, CVE-2015-7626, CVE-2015-7627, CVE-2015-7630, CVE-2015-7633, CVE-2015-7634). External References: https://helpx.adobe.com/security/products/flash-player/apsb15-25.html
This issue has been addressed in the following products: Supplementary for Red Hat Enterprise Linux 6 Via RHSA-2015:1893 https://rhn.redhat.com/errata/RHSA-2015-1893.html
APSB15-25 was updated on Oct14 to list additional CVEs which were previously omitted. Revision notes of the Bulletin includes this info: October 14, 2015: Added CVEs credited to Yuki Chen of Qihoo 360 Vulcan Team The following section of the Bulletin was updated with additional CVEs: These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2015-7629, CVE-2015-7631, CVE-2015-7635, CVE-2015-7636, CVE-2015-7637, CVE-2015-7638, CVE-2015-7639, CVE-2015-7640, CVE-2015-7641, CVE-2015-7642, CVE-2015-7643, CVE-2015-7644).
APSB15-25 was updated on Nov5 to indicate that the CVE-2015-7634 issue, originally listed as memory corruption problem, was determined to be limited to a NULL pointer dereference crash. Therefore, it is no longer considered to be a security flaw and was removed from the bulletin. November 5, 2015: Removed CVE-2015-7634 from the bulletin. This CVE was originally classified as a memory corruption issue, but has since been reclassified as a non-exploitable null pointer dereference bug.
This issue has been addressed in the following products: Supplementary for Red Hat Enterprise Linux 5 Via RHSA-2015:2024 https://rhn.redhat.com/errata/RHSA-2015-2024.html