When calling Color.setRGB in AS2 it is possible to free the target_mc object used in the Color constructor while a reference remains in the stack.
025afc3b744a755fe32430c68ff260ef742b1772b907721185ee3c58dbde5b57
Gentoo Linux Security Advisory 201507-13 - Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code. Versions less than 11.2.202.481 are affected.
9e22b6b377c344d3976d867790d2fd90102944fdef8f98bff06a9f65c5188c39
Red Hat Security Advisory 2015-1214-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed in the Adobe Security Bulletin APSB15-16 listed in the References section. Multiple flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the malicious SWF content.
207cb44b46900e919ee484a2f608e57a00fc19f6d2231bcd8e833090f4bb6dd0