Use-after-free vulnerability in Adobe Flash Player before 23.0.0.205 on Windows and OS X and before 11.2.202.643 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in October 2016.
https://security.googleblog.com/2016/10/disclosing-vulnerabilities-to-protect.html
https://security.gentoo.org/glsa/201610-10
https://helpx.adobe.com/security/products/flash-player/apsb16-36.html
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-128
http://www.securitytracker.com/id/1037111