To try the thousands of add-ons available here, download Mozilla Firefox, a fast, free way to surf the Web!
CloseWelcome to Firefox Add-ons.
Choose from thousands of extra features and styles to make Firefox your own.
ClosePlayFlash 64bit Version History
24 versions
Be careful with old versions!
These versions are displayed for reference and testing purposes. You should always use the latest version of an add-on.
Version 30.0.0.113
Fixed Issues:
- Host cannot promote Participants into Host or Presenter role in a Connect Meeting.
New Features:
- Spectre / Meltdown Mitigations
Security Enhancements:
- Type Confusion: Arbitrary Code Execution [Critical] (CVE-2018-4945)
- Integer Overflow: Information Disclosure [Important] (CVE-2018-5000)
- Out-of-bounds read: Information Disclosure [Important] (CVE-2018-5001)
- Stack-based buffer overflow: Arbitrary Code Execution [Critical] (CVE-2018-5002)
- Source code released under Mozilla Public License, version 2.0
Version 29.0.0.171
Fixed Issues:
- Gradients in static SWFs shows "Movie Not Loaded" in Flash Player (FP-4198806)
Security Enhancements:
- Type Confusion: Arbitrary Code Execution [Critical] (CVE-2018-4944)
- Source code released under Mozilla Public License, version 2.0
Version 29.0.0.113
Fixed Issues:
- Flash Player settings panel become unresponsive when hardware acceleration is turned off on Firefox.
- Flash Player quit unexpectedly when "by.blooddy.crypto.Base64" class try to decode BASE64.(FP-4198772)
- Flash Player Protected mode + Async drawing on Firefox causes the font color to be inverted
- SecureSocket and RTMPS with OpenSSL is not sending "server_name" SNI headers.
- Flash Player will not connect via SecureSocket to a server running only TLS1.2.
New Features:
Not for PC.
Security Enhancements:
- Use After Free: Remote Code Execution [Critical] (CVE-2018-4919)
- Type Confusion: Remote Code Execution [Critical] (CVE-2018-4920)
- Source code released under Mozilla Public License, version 2.0
Version 28.0.0.161
Fixed Issues:
- Assorted security and functional fixes
Security Enhancements:
- Use After Free: Remote Code Execution [Critical] (CVE-2018-4878)
- Use After Free: Remote Code Execution [Critical] (CVE-2018-4877)
- Source code released under Mozilla Public License, version 2.0
Version 28.0.0.137
Security Enhancements:
- Out-of-bounds Read: Information Disclosure [Important] (CVE-2018-4871)
New plugin release v28.0.0.126
Fixed Issues:
- Memory leak is observed when running a Stage3D application using Baseline_Constrained profile (FP-4198562)
- The volume slider is not visible while playing the video CHUD-2-Bud-The-Chud in fullscreen mode.
- (Playback issues are observed while playing the DRM content on Chrome.)
- (File upload dialog becomes unresponsive on Chrome when using the Scratch editor (FP-4198254))
New Features:
- Some AIR features mostly for iOS and Android
Security Enhancements:
- Business Logic Error - Unintended reset of global settings preference file [Moderate] (CVE-2017-11305)
- Source code released under Mozilla Public License, version 2.0
Version 27.0.0.187
Fixed Issues:
- LoadMovie on layers other than 0 causes access violation in C# WinForms (FP-4198533).
- Flash Player quits unexpectedly before the content is loaded in certain cases.
Security Enhancements:
- Out-of-bounds Read - Remote Code Execution [Critical] (CVE-2017-3112)
- Out-of-bounds Read - Remote Code Execution [Critical] (CVE-2017-3114)
- Out-of-bounds Read - Remote Code Execution [Critical] (CVE-2017-11213)
- Use after free - Remote Code Execution [Critical] (CVE-2017-11215)
- Use after free - Remote Code Execution [Critical] (CVE-2017-11225)
- Source code released under Mozilla Public License, version 2.0
Version 27.0.0.170
Fixed Issues (done in v27.0.0.159):
- Audio device selection not working when there are multiple devices with same name(FP-4198585)
- Content freezes while switching the tabs on Firefox (FP-4198571, FP-4198555)
- Video stops rendering after minimizing/restoring the Firefox browser window.
Security Enhancements:
- Type Confusion - Remote Code Execution [Critical] (CVE-2017-11292)
- Source code released under Mozilla Public License, version 2.0
Version 27.0.0.130
Fixed Issues:
- The application will behave abnormally when spacebar is pressed in the Text Field.(FP-4198253)
- [Win10] Context menu displayed with Offset when Flash Player movie fullscreen on Chrome(FP-4198406)
New Features:
- Support Audio Output Selection in Flash Player
- Support ActionScript API for Audio Device Manager
Security Enhancements:
- Memory Corruption - Remote Code Execution [Critical] (CVE-2017-11281)
- Memory Corruption - Remote Code Execution [Critical] (CVE-2017-11282)
- Source code released under Mozilla Public License, version 2.0
Version 26.0.0.151
Fixed Issues:
- Graphics vector assets are not rendering properly.(FP-4198401)
- 2.5D rotation is not working as expected on Windows and Mac Chrome (FP-4198483)
Security Enhancements:
- Security Bypass - Information Disclosure [Important] (CVE-2017-3085)
- Type Confusion - Remote Code Execution [Critical] (CVE-2017-3106)
- Source code released under Mozilla Public License, version 2.0
Version 26.0.0.131
Fixed Issues:
- Buttons can't be clicked in some AS2 content (FP-4198473)
- Source code released under Mozilla Public License, version 2.0
Version 26.0.0.126
Fixed Issues:
- removeMovieClip() method is not working as expected(FP-4198425,FP-4198400)
- catalog.kaientai.cc viewer application quits unexpectedly. (FP-4198403)
- Video quits unexpectedly while playing from tw.youvivid.com/preview_showcase.asp (FP-4198402)
- Flash Player quits unexpectedly upon interaction with site tabs(FP-4198407)
- [Win 10]Incorrect KeyboardEvent CharCode while shift is pressed(or Capslock)(FP-4198430)
- FileReference size and creationDate throws IO Error (FP-4198443)
New Features:
- iOS, Edge, mobile features
Security Enhancements:
- Use After Free - Remote Code Execution [Critical] (CVE-2017-3075, CVE-2017-3081, CVE-2017-3083, CVE-2017-3084)
- Memory Corruption - Remote Code Execution [Critical] (CVE-2017-3076, CVE-2017-3077, CVE-2017-3078, CVE-2017-3079, CVE-2017-3082)
- Source code released under Mozilla Public License, version 2.0
Version 25.0.0.171
Fixed Issues:
- Previous slide's video's audio keeps playing even when next slide is loaded (FLASH-4187660)
Security Enhancements:
- These updates resolve a use-after-free vulnerability that could lead to code execution (CVE-2017-3071).
- These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2017-3068, CVE-2017-3069, CVE-2017-3070, CVE-2017-3072, CVE-2017-3073, CVE-2017-3074).
- Source code released under Mozilla Public License, version 2.0
Version 25.0.0.148
Fixed Issues:
- [Windows]Flash player unresponsive after connecting with the socket.(FP-4198296)
Security Enhancements:
- These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2017-3058, CVE-2017-3059, CVE-2017-3062, CVE-2017-3063).
- These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2017-3060, CVE-2017-3061, CVE-2017-3064).
- Source code released under Mozilla Public License, version 2.0
Version 25.0.0.127
Fixed Issues:
- Pressing Space bar in the Text Field makes the app behave abnormally.( FP-4198253)
- Flash Player 24.0.0.221 quits unexpectedly(FP-4198250)
- Unresponsive behaviour is observed for microphone on Windows 10/FireFox (FP- 4061929)
- [Windows 10] Movie reload or restart playing when user clicks "SPACE" key. (FP-4198252)
- Multiple security and functional fixes
Security Enhancements:
- These updates resolve a buffer overflow vulnerability that could lead to code execution (CVE-2017-2997).
- These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2017-2998, CVE-2017-2999).
- These updates resolve a random number generator vulnerability used for constant blinding that could lead to information disclosure (CVE-2017-3000).
- These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2017-3001, CVE-2017-3002, CVE-2017-3003).
- Source code released under Mozilla Public License, version 2.0
Version 24.0.0.221
Fixed Issues:
- Multiple security and functional fixes
Security Enhancements:
- These updates resolve a type confusion vulnerability that could lead to code execution (CVE-2017-2995).
- Source code released under Mozilla Public License, version 2.0
Version 24.0.0.194
Fixed Issues:
- Socket connection fails with Security error#2048.(4198184)
- Event handler Event.CONNECT is not called when using flash.net.Socket to connect the server. (4198188)
Security Enhancements:
- These updates resolve a security bypass vulnerability that could lead to information disclosure (CVE-2017-2938).
- These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2017-2932, CVE-2017-2936, CVE-2017-2937).
- These updates resolve heap buffer overflow vulnerabilities that could lead to code execution (CVE-2017-2927, CVE-2017-2933, CVE-2017-2934, CVE-2017-2935).
- These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2017-2925, CVE-2017-2926, CVE-2017-2928, CVE-2017-2930, CVE-2017-2931).
- Source code released under Mozilla Public License, version 2.0
Version 24.0.0.186
Fixed Issues:
- Enabling async drawing shows boundaries for transparent object (4196843).
- Worker is taking more time to write object in a shared byte array (4170367).
- "ALT GR+0" Does not return @ on french layout Keyboard(4196791)
- Blank screen is observed until mouse click received after enabling Async drawing (4197066).
- Scaling the swf does not trigger a corresponding scaling of the hit area of elements in browser(4197425).
- Flash Player quits unexpectedly while playing http://www.evil3d.cn/example/ (4195719)
- Black screen is observed when video is seeking on Chrome(4186499).
- Seek bar does not appear on hovering mouse cursor on video(4186564).
- Action Script is unable to handle MOUSE_MOVE event(4186547).
New Features:
- Spherical video support in Flash and AIR
- Separate HTTP and HTTPS permissions for Camera and Microphone
- Improved support for high resolution displays on Firefox for Windows
Security Enhancements:
- These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2016-7872, CVE-2016-7877, CVE-2016-7878, CVE-2016-7879, CVE-2016-7880, CVE-2016-7881, CVE-2016-7892).
- These updates resolve buffer overflow vulnerabilities that could lead to code execution (CVE-2016-7867, CVE-2016-7868, CVE-2016-7869, CVE-2016-7870).
- These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2016-7871, CVE-2016-7873, CVE-2016-7874, CVE-2016-7875, CVE-2016-7876).
- These updates resolve a security bypass vulnerability (CVE-2016-7890).
- Source code released under Mozilla Public License, version 2.0
Version 23.0.0.207
Fixed Issues:
- Stability bugs and security fixes
Security Enhancements:
- These updates resolve type confusion vulnerabilities that could lead to code execution (CVE-2016-7860, CVE-2016-7861, CVE-2016-7865).
- These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2016-7857, CVE-2016-7858, CVE-2016-7859, CVE-2016-7862, CVE-2016-7863, CVE-2016-7864).
- Source code released under Mozilla Public License, version 2.0
Version 23.0.0.205
Security Enhancements:
- These updates resolve a use-after-free vulnerability that could lead to code execution (CVE-2016-7855).
- Source code released under Mozilla Public License, version 2.0
Version 23.0.0.185
Security Enhancements:
- These updates resolve a type confusion vulnerability that could lead to code execution (CVE-2016-6992).
- These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2016-6981, CVE-2016-6987).
- These updates resolve a security bypass vulnerability (CVE-2016-4286).
- These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989, CVE-2016-6990).
- Source code released under Mozilla Public License, version 2.0
Version 23.0.0.162
Fixed Issues:
New Features:
- Mozilla NPAPI AsyncDrawing Support
- HSTS Support in Flash Player
- Disabling local-with-filesystem access in Flash Player by default
- Video and Camera support for Stage3D by VideoTexture for Flash Player (Release)
Security Enhancements:
- These updates resolve an integer overflow vulnerability that could lead to code execution (CVE-2016-4287).
- These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, CVE-2016-6932).
- These updates resolve security bypass vulnerabilities that could lead to information disclosure (CVE-2016-4271, CVE-2016-4277, CVE-2016-4278).
- These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, CVE-2016-6924).
- Source code released under Mozilla Public License, version 2.0
Version 22.0.0.209
Fixed Issues:
- Embedded Flash player in Adobe Reader fails to load in Firefox and Internet Explorer (4167793)
- [Windows]Blank screen is observed and content is not loading (4165783)
- [Windows]Blank artifacts are observed while playing some 3D content (4166319)
New Features:
Security Enhancements:
- These updates resolve a race condition vulnerability that could lead to information disclosure (CVE-2016-4247).
- These updates resolve type confusion vulnerabilities that could lead to code execution (CVE-2016-4223, CVE-2016-4224, CVE-2016-4225).
- These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, CVE-2016-4248).
- These updates resolve a heap buffer overflow vulnerability that could lead to code execution (CVE-2016-4249).
- These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, CVE-2016-4246).
- These updates resolve a memory leak vulnerability (CVE-2016-4232).
- These updates resolve stack corruption vulnerabilities that could lead to code execution (CVE-2016-4176, CVE-2016-4177).
- These updates resolve a security bypass vulnerability that could lead to information disclosure (CVE-2016-4178)
- Source code released under Mozilla Public License, version 2.0
Version 22.0.0.192
Fixed Issues:
- SecurityError.prototype in Dictionary throws an exception [4100136]
- Printing via FlexPrintJob, border of the "Print" button is missing [4136816]
- Player crashes if "totalFrames" property of a loaded volatile MovieClip is accessed [4127339]
- XML attributes randomly receiving null characters [4100928]
- PPAPI Printed rectangle gets shifted in position [4119300]
- [Chrome Only] Portrait mode prints objects smaller as compared to landscape mode [4122310]
- DisplayObject.setScrollRect is throwing error 1508 [4150980]
- Space metacharacter [\s] doesn't include non-breaking spaces [\xA0] [4138365]
- Error#1508 thrown on site https://app.kwanti.com/tools and blank screen appears [4136470]
- EnableLocalAppData
- Override Flash Player's default language via mms.cfg
- These updates resolve type confusion vulnerabilities that could lead to code execution (CVE-2016-4144, CVE-2016-4149).
- These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2016-4142, CVE-2016-4143, CVE-2016-4145, CVE-2016-4146, CVE-2016-4147, CVE-2016-4148).
- These updates resolve heap buffer overflow vulnerabilities that could lead to code execution (CVE-2016-4135, CVE-2016-4136, CVE-2016-4138).
- These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2016-4122, CVE-2016-4123, CVE-2016-4124, CVE-2016-4125, CVE-2016-4127, CVE-2016-4128, CVE-2016-4129, CVE-2016-4130, CVE-2016-4131, CVE-2016-4132, CVE-2016-4133, CVE-2016-4134, CVE-2016-4137, CVE-2016-4141, CVE-2016-4150, CVE-2016-4151, CVE-2016-4152, CVE-2016-4153, CVE-2016-4154, CVE-2016-4155, CVE-2016-4156, CVE-2016-4166, CVE-2016-4171).
- These updates resolve a vulnerability in the directory search path used to find resources that could lead to code execution (CVE-2016-4140).
- These updates resolve a vulnerability that could be exploited to bypass the same-origin-policy and lead to information disclosure (CVE-2016-4139).
- Source code released under Mozilla Public License, version 2.0
Version 21.0.0.242
Plugin v21.0.0.242 release notes
Fixed Issues:
- Truncation and printing issues on http://www.usflashmap.com/ (4129993)
- Space metacharacter (\s) is no longer including non-breaking spaces (\xA0) (4137804)
- Fixed instability issues encountered with certain Mac video cards
- These updates resolve type confusion vulnerabilities that could lead to code execution (CVE-2016-1105, CVE-2016-4117).
- These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2016-1097, CVE-2016-1106, CVE-2016-1107, CVE-2016-1108, CVE-2016-1109, CVE-2016-1110, CVE-2016-4108, CVE-2016-4110).
- These updates resolve a heap buffer overflow vulnerability that could lead to code execution (CVE-2016-1101).
- These updates resolve a buffer overflow vulnerability that could lead to code execution (CVE-2016-1103).
- These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115).
- These updates resolve a vulnerability in the directory search path used to find resources that could lead to code execution (CVE-2016-4116).
- Source code released under Mozilla Public License, version 2.0
To create your own collections, you must have a Mozilla Add-ons account.