Potentially yes, most every site is vulnerable to it as it's a problem in flash. Though note that the vulnerability is not on the forum server, but on the user end when viewing a malicious flash attachment.
We watch for user content pretty well though, so we'll spot anything obvious uploaded as an avatar. Also note that new users cannot upload anything for a time and need a certain amount of posts before they can.
There is no fix..
Bok