Adobe just released a patch to a vulnerability I had reported to them.
The issue is due to a lack of input validation which allows a specially crafted SWF file to cause Flash Player to perform an arbitrary memory read.
Exploiting the issue results in DoS (i.e crashes the browser). Further analysis might show it may lead to arbitrary code execution as well.
This update contains fixes to other vulnerabilities as well, so go update :)