CVE-2009-3798
Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 might allow attackers to execute arbitrary code via unspecified vectors that trigger memory corruption.
Date published : 2009-12-10
http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html