The Angler exploit kit has added an exploit for a Flash Player flaw fixed by Adobe just a couple of weeks ago. The exploit for CVE-2015-3090 involves a race condition in the shader class. Angler uses this to execute arbitrary code and infect unpatched users systems. The way that the exploit work is: Check if target is vulnerable. Create a vector filled with vectors of length 0xA6. This is the corrupted vector used for out-of-bounds memory accesses. Post-corruption exploitation techniques are the same.”]
Source: https://securityaffairs.co/wordpress/37296/cyber-crime/angler-ek-integrates-new-flash-bug.html