a critical vulnerability has been identified in Adobe Flash Player version 10.0.42.34 and earlier. This vulnerability (CVE-2010-0186) could subvert the domain sandbox and make unauthorized cross-domain requests.
Adobe recommends users of Adobe Flash Player 10.0.42.34 and earlier versions update to Adobe Flash Player 10.0.45.2
I think this translates to "any website with a malicious flash object can make requests to websites with private information such as email, bank accounts etc". I might be wrong. But unauthorized cross-domain requests are not good. At least the vulnerability does not allow arbitrary code execution, but these days, if you can take over the browser, you are almost as good as taking over the machine itself.
Secbrowsing points to version 10.0.45.2.