Integer overflow in the Verifier::parseExceptionHandlers function in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 allows remote attackers to execute arbitrary code via an SWF file with a large exception_count value that triggers memory corruption, related to "generation of ActionScript exception handlers."
Multiple Security Vulnerabilities in the Adobe Flash Player for Solaris May Lead to a Denial of Service (DoS) or Arbitrary Code Execution (Adobe Security Bulletin APSB09-19)