The problem allows cross-site scripting attacks via websites. US-Cert said there are reported vulnerabilities in Flash (SWF) files that may allow a remote, unauthenticated attacker to conduct cross-site scripting attacks on a vulnerable system.
The Flash file problem comes as US-Cert also reports there is exploit code in the wild to take advantage of a flaw in RealPlayer. The exploit reportedly affects RealPlayer 11 build 126.96.36.1998.
US-Cert will provide more information on this problem at a later date.