Adobe Flash bug allow spying Webcam hole that can be exploited via clickjacking techniques to turn on people’s webcams or microphones without their knowledge. Attack involved putting Adobe Flash Settings Manager page into an iFrame and masking it with a game, so that when the user clicked on the buttons he would actually change the settings and turn on the webcam. Stanford University computer science student Feross Aboukhadijeh based his proof-of-concept exploit on a similar one disclosed back in 2008 by an anonymous researcher.
Source: https://thehackernews.com/2011/10/adobe-flash-bug-allow-spying-webcam.html