Adobe Security Advisory APSA18-01 for Adobe Flash Player describes an use-after-free flaw that can possibly lead to code exeucution when Flash Player is used to play a specially crafted SWF file. Quoting from the APSA18-01: Use-after-free Remote Code Execution Critical CVE-2018-4878 Reference: https://helpx.adobe.com/security/products/flash-player/apsa18-01.html
Fixed Flash Player version is not yet available. Quoting from the Adobe Security Bulletin: Adobe will address this vulnerability in a release planned for the week of February 5.
Updated Flash Player version 28.0.0.161 was released today to correct this issue. The update is documented in the Adobe Security Bulletin APSB18-03, which describes one additional use-after-free flaw corrected in the same update: Use After Free Remote Code Execution Critical CVE-2018-4877 External References: https://helpx.adobe.com/security/products/flash-player/apsb18-03.html
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Supplementary Via RHSA-2018:0285 https://access.redhat.com/errata/RHSA-2018:0285