While trying to install www/linux-f10-flashplayer11 from ports per the handbook instructions, installation has been stopped by the vulnerability database flagging textproc/linux-f10-expat (CVE-2009-3720) and graphics/linux-f10-png. The expat vulnerability seemed safe enough to override, but the linux-f10-png one indicates remote code execution is possible (CVE-2011-3048). I don't know if there are any other uncorrected vulnerabilities, but how is one supposed to get Flash working in one's browser in this situation?