Adobe Security Bulletin APSB16-37 for Adobe Flash Player describes multiple flaws that can possibly lead to code execution when Flash Player is used to play a specially crafted SWF file. Quoting from the APSB16-37: These updates resolve type confusion vulnerabilities that could lead to code execution (CVE-2016-7860, CVE-2016-7861, CVE-2016-7865). These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2016-7857, CVE-2016-7858, CVE-2016-7859, CVE-2016-7862, CVE-2016-7863, CVE-2016-7864). External References: https://helpx.adobe.com/security/products/flash-player/apsb16-37.html
This issue has been addressed in the following products: Red Hat Enterprise Linux 5 Supplementary Red Hat Enterprise Linux 6 Supplementary Via RHSA-2016:2676 https://rhn.redhat.com/errata/RHSA-2016-2676.html