A vulnerability has been reported in Adobe Flash Player versions 126.96.36.199 and older, which is the current version available for download now. Adobe has not yet released a patch nor an official advisory. Stay tuned for further developments. 
Symantec have now seen this exploit in the wild;
The ThreatCon is currently at Level 2: Elevated.
The DeepSight ThreatCon is currently at Level 2 in response to the discovery of in-the-wild exploitation of a vulnerability affecting Adobe Flash Player. The flaw occurs when processing a malicious SWF file. Originally this issue was believed to be unpatched and unknown, but further technical analysis has revealed that it is the previously reported Adobe Flash Player Multimedia File Remote Buffer Overflow Vulnerability (BID 28695), discovered by Mark Dowd of IBM. Adobe has released an official statement noting that Flash Player versions 188.8.131.52 aren’t affected by these attacks and confirming that the SWF files are in fact leveraging this flaw. We are continuing to investigate our findings as well, because we seem to be observing crashing on some 184.108.40.206 versions. — 2007-May-29 Symantec 
The vulnerability is disputed by Adobe PSIRT;
The exploit appears to be taking advantage of a known vulnerability, reported by Mark Dowd of the ISS X-Force and wushi of team509, that was resolved in Flash Player 220.127.116.11 (CVE-2007-0071). This exploit does NOT appear to include a new, unpatched vulnerability as has been reported elsewhere – customers with Flash Player 18.104.22.168 should not be vulnerable to this exploit. — Adobe PSIRT 
Update to a non-vulnerable version of the Flash player.
* Upgrade to Flash Player 22.214.171.124 (?)
If you have a vulnerable version of the Flash player.
* Avoid browsing to untrustworthy sites.
* Consider disabling or uninstalling Flash until patches are available.
* Deploy script-blocking mechanisms, such as NoScript for Firefox, to explicitly prevent SWFs from loading on all but explicitly trusted sites.
* Temporarily set the kill bit until patches availability is confirmed.
 Adobe flash player vuln (2008-May-27 ) [SANS]
 ThreatCon (2008-May-29 ) [Symantec]
 Retired: Adobe Flash Player SWF File Remote Code Execution Vulnerability (2008-May-27 ) [SecurityFocus]
 Potential Flash Player issue (2008-May-27 ) [Adobe PSIRT]
 Potential Flash Player issue – update (2008-May-28 ) [Adobe PSIRT]
 Followup to Flash/swf stories (2008-May-28 ) [SANS]
 Malicious swf files? (2008-May-27 ) [SANS]
 Adobe Flash Player Unspecified Vulnerability (2008-May-28- ) [Secunia]