Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to bypass the ASLR protection mechanism via JIT data.
https://helpx.adobe.com/security/products/flash-player/apsb16-10.html
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050