Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 might allow attackers to execute arbitrary code via unspecified vectors, related to a "data injection vulnerability."
Multiple Security Vulnerabilities in the Adobe Flash Player for Solaris May Lead to a Denial of Service (DoS) or Arbitrary Code Execution (Adobe Security Bulletin APSB09-19)