Adobe Security Bulletin APSB16-01 for Adobe Flash Player describes multiple flaws that can possibly lead to code execution when Flash Player is used to play a specially crafted SWF file. Quoting from the APSB16-01: These updates resolve a type confusion vulnerability that could lead to code execution (CVE-2015-8644). These updates resolve an integer overflow vulnerability that could lead to code execution (CVE-2015-8651). These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2015-8634, CVE-2015-8635, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, CVE-2015-8650). These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2015-8459, CVE-2015-8460, CVE-2015-8636, CVE-2015-8645). External References: https://helpx.adobe.com/security/products/flash-player/apsb16-01.html
This issue has been addressed in the following products: Supplementary for Red Hat Enterprise Linux 5 Supplementary for Red Hat Enterprise Linux 6 Via RHSA-2015:2697 https://rhn.redhat.com/errata/RHSA-2015-2697.html
Update from 2016/06/23: "June 23, 2016: Added reference for CVE-2016-0959, which was resolved in these updates but inadvertently omitted from the original version of the bulletin."