To try the thousands of add-ons available here, download Mozilla Firefox, a fast, free way to surf the Web!
CloseWelcome to Firefox Add-ons.
Choose from thousands of extra features and styles to make Firefox your own.
ClosePlayFlash 32bit Version History
29 versions
Be careful with old versions!
These versions are displayed for reference and testing purposes. You should always use the latest version of an add-on.
Version 30.0.0.113
Fixed Issues:
- Host cannot promote Participants into Host or Presenter role in a Connect Meeting.
New Features:
- Spectre / Meltdown Mitigations
Security Enhancements:
- Type Confusion: Arbitrary Code Execution [Critical] (CVE-2018-4945)
- Integer Overflow: Information Disclosure [Important] (CVE-2018-5000)
- Out-of-bounds read: Information Disclosure [Important] (CVE-2018-5001)
- Stack-based buffer overflow: Arbitrary Code Execution [Critical] (CVE-2018-5002)
- Source code released under Mozilla Public License, version 2.0
Version 29.0.0.171
Fixed Issues:
- Gradients in static SWFs shows "Movie Not Loaded" in Flash Player (FP-4198806)
Security Enhancements:
- Type Confusion: Arbitrary Code Execution [Critical] (CVE-2018-4944)
- Source code released under Mozilla Public License, version 2.0
Version 29.0.0.113
Fixed Issues:
- Flash Player settings panel become unresponsive when hardware acceleration is turned off on Firefox.
- Flash Player quit unexpectedly when "by.blooddy.crypto.Base64" class try to decode BASE64.(FP-4198772)
- Flash Player Protected mode + Async drawing on Firefox causes the font color to be inverted
- SecureSocket and RTMPS with OpenSSL is not sending "server_name" SNI headers.
- Flash Player will not connect via SecureSocket to a server running only TLS1.2.
New Features:
Not for PC.
Security Enhancements:
- Use After Free: Remote Code Execution [Critical] (CVE-2018-4919)
- Type Confusion: Remote Code Execution [Critical] (CVE-2018-4920)
- Source code released under Mozilla Public License, version 2.0
Version 28.0.0.161
Fixed Issues:
- Assorted security and functional fixes
Security Enhancements:
- Use After Free: Remote Code Execution [Critical] (CVE-2018-4878)
- Use After Free: Remote Code Execution [Critical] (CVE-2018-4877)
- Source code released under Mozilla Public License, version 2.0
Version 28.0.0.137
Security Enhancements:
- Out-of-bounds Read: Information Disclosure [Important] (CVE-2018-4871)
New plugin release v28.0.0.126
Fixed Issues:
- Memory leak is observed when running a Stage3D application using Baseline_Constrained profile (FP-4198562)
- The volume slider is not visible while playing the video CHUD-2-Bud-The-Chud in fullscreen mode.
- (Playback issues are observed while playing the DRM content on Chrome.)
- (File upload dialog becomes unresponsive on Chrome when using the Scratch editor (FP-4198254))
New Features:
- Some AIR features mostly for iOS and Android
Security Enhancements:
- Business Logic Error - Unintended reset of global settings preference file [Moderate] (CVE-2017-11305)
- Source code released under Mozilla Public License, version 2.0
Version 27.0.0.187
Fixed Issues:
- LoadMovie on layers other than 0 causes access violation in C# WinForms (FP-4198533).
- Flash Player quits unexpectedly before the content is loaded in certain cases.
Security Enhancements:
- Out-of-bounds Read - Remote Code Execution [Critical] (CVE-2017-3112)
- Out-of-bounds Read - Remote Code Execution [Critical] (CVE-2017-3114)
- Out-of-bounds Read - Remote Code Execution [Critical] (CVE-2017-11213)
- Use after free - Remote Code Execution [Critical] (CVE-2017-11215)
- Use after free - Remote Code Execution [Critical] (CVE-2017-11225)
- Source code released under Mozilla Public License, version 2.0
Version 27.0.0.170
Fixed Issues (done in v27.0.0.159):
- Audio device selection not working when there are multiple devices with same name(FP-4198585)
- Content freezes while switching the tabs on Firefox (FP-4198571, FP-4198555)
- Video stops rendering after minimizing/restoring the Firefox browser window.
Security Enhancements:
- Type Confusion - Remote Code Execution [Critical] (CVE-2017-11292)
- Source code released under Mozilla Public License, version 2.0
Version 27.0.0.130
Fixed Issues:
- The application will behave abnormally when spacebar is pressed in the Text Field.(FP-4198253)
- [Win10] Context menu displayed with Offset when Flash Player movie fullscreen on Chrome(FP-4198406)
New Features:
- Support Audio Output Selection in Flash Player
- Support ActionScript API for Audio Device Manager
Security Enhancements:
- Memory Corruption - Remote Code Execution [Critical] (CVE-2017-11281)
- Memory Corruption - Remote Code Execution [Critical] (CVE-2017-11282)
- Source code released under Mozilla Public License, version 2.0
Version 26.0.0.151
Fixed Issues:
- Graphics vector assets are not rendering properly.(FP-4198401)
- 2.5D rotation is not working as expected on Windows and Mac Chrome (FP-4198483)
Security Enhancements:
- Security Bypass - Information Disclosure [Important] (CVE-2017-3085)
- Type Confusion - Remote Code Execution [Critical] (CVE-2017-3106)
- Source code released under Mozilla Public License, version 2.0
Version 26.0.0.131
Fixed Issues:
- Buttons can't be clicked in some AS2 content (FP-4198473)
- Source code released under Mozilla Public License, version 2.0
Version 26.0.0.126
Fixed Issues:
- removeMovieClip() method is not working as expected(FP-4198425,FP-4198400)
- catalog.kaientai.cc viewer application quits unexpectedly. (FP-4198403)
- Video quits unexpectedly while playing from tw.youvivid.com/preview_showcase.asp (FP-4198402)
- Flash Player quits unexpectedly upon interaction with site tabs(FP-4198407)
- [Win 10]Incorrect KeyboardEvent CharCode while shift is pressed(or Capslock)(FP-4198430)
- FileReference size and creationDate throws IO Error (FP-4198443)
New Features:
- iOS, Edge, mobile features
Security Enhancements:
- Use After Free - Remote Code Execution [Critical] (CVE-2017-3075, CVE-2017-3081, CVE-2017-3083, CVE-2017-3084)
- Memory Corruption - Remote Code Execution [Critical] (CVE-2017-3076, CVE-2017-3077, CVE-2017-3078, CVE-2017-3079, CVE-2017-3082)
- Source code released under Mozilla Public License, version 2.0
Version 25.0.0.171
Fixed Issues:
- Previous slide's video's audio keeps playing even when next slide is loaded (FLASH-4187660)
Security Enhancements:
- These updates resolve a use-after-free vulnerability that could lead to code execution (CVE-2017-3071).
- These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2017-3068, CVE-2017-3069, CVE-2017-3070, CVE-2017-3072, CVE-2017-3073, CVE-2017-3074).
- Source code released under Mozilla Public License, version 2.0
Version 25.0.0.148
Fixed Issues:
- [Windows]Flash player unresponsive after connecting with the socket.(FP-4198296)
Security Enhancements:
- These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2017-3058, CVE-2017-3059, CVE-2017-3062, CVE-2017-3063).
- These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2017-3060, CVE-2017-3061, CVE-2017-3064).
- Source code released under Mozilla Public License, version 2.0
Version 25.0.0.127
Fixed Issues:
- Pressing Space bar in the Text Field makes the app behave abnormally.( FP-4198253)
- Flash Player 24.0.0.221 quits unexpectedly(FP-4198250)
- Unresponsive behaviour is observed for microphone on Windows 10/FireFox (FP- 4061929)
- [Windows 10] Movie reload or restart playing when user clicks "SPACE" key. (FP-4198252)
- Multiple security and functional fixes
Security Enhancements:
- These updates resolve a buffer overflow vulnerability that could lead to code execution (CVE-2017-2997).
- These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2017-2998, CVE-2017-2999).
- These updates resolve a random number generator vulnerability used for constant blinding that could lead to information disclosure (CVE-2017-3000).
- These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2017-3001, CVE-2017-3002, CVE-2017-3003).
- Source code released under Mozilla Public License, version 2.0
Version 21.0.0.242
Fixed Issues:
- Truncation and printing issues on http://www.usflashmap.com/ (4129993)
- Space metacharacter (\s) is no longer including non-breaking spaces (\xA0) (4137804)
- Fixed instability issues encountered with certain Mac video cards
- These updates resolve type confusion vulnerabilities that could lead to code execution (CVE-2016-1105, CVE-2016-4117).
- These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2016-1097, CVE-2016-1106, CVE-2016-1107, CVE-2016-1108, CVE-2016-1109, CVE-2016-1110, CVE-2016-4108, CVE-2016-4110).
- These updates resolve a heap buffer overflow vulnerability that could lead to code execution (CVE-2016-1101).
- These updates resolve a buffer overflow vulnerability that could lead to code execution (CVE-2016-1103).
- These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115).
- These updates resolve a vulnerability in the directory search path used to find resources that could lead to code execution (CVE-2016-4116).
- Source code released under Mozilla Public License, version 2.0
Version 21.0.0.213
Fixed Issues:
- API changed with DisplayObject.scrollRect that broke backwards compatibility [4130875]
- Animal Jam mini/micro games quits unexpectedly after minimal playtime [4130309]
- Gapminder World gives OOM message [4127403]
- [Mac][NPAPI] Framerate gets accelerated on when calling JavaScript from Flash on enterFrame [4127305]
- Error 1508 The value specified for argument sourceRect is invalid, is thrown [4118087]
- These updates harden a mitigation against JIT spraying attacks that could be used to bypass memory layout randomization mitigations (CVE-2016-1006).
- These updates resolve type confusion vulnerabilities that could lead to code execution (CVE-2016-1015, CVE-2016-1019).
- These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2016-1011, CVE-2016-1013, CVE-2016-1016, CVE-2016-1017, CVE-2016-1031).
- These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, CVE-2016-1033).
- These updates resolve a stack overflow vulnerability that could lead to code execution (CVE-2016-1018).
- These updates resolve a security bypass vulnerability (CVE-2016-1030).
- These updates resolve a vulnerability in the directory search path used to find resources that could lead to code execution (CVE-2016-1014).
- Source code released under Mozilla Public License, version 2.0
Version 21.0.0.197
Fixed Issues:
- Significant performance degradation while reading/writing LSOs [4127545]
- Source code released under Mozilla Public License, version 2.0
Version 21.0.0.182
Fixed Issues:
- Browser freezes on playing a gaming SWF [4109643]
- Flash content freezes in a game developed in ActionScript2 [4109228]
- OOM observed in an educational program [4111701]
- gotoAndStop works incorrectly [4109904]
- Windows 10 Firefox: Mic access not working [4040485]
- GPU Memory Information In Context3D
- Support for Browser Zoom Factor in Firefox
- Simplified LSO UI
- These updates resolve integer overflow vulnerabilities that could lead to code execution (CVE-2016-0963, CVE-2016-0993, CVE-2016-1010).
- These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, CVE-2016-1000).
- These updates resolve a heap overflow vulnerability that could lead to code execution (CVE-2016-1001).
- These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, CVE-2016-1005).
- Source code released under Mozilla Public License, version 2.0
Version 20.0.0.306
- Source code released under Mozilla Public License, version 2.0
Version 20.0.0.286
- Source code released under Mozilla Public License, version 2.0
To create your own collections, you must have a Mozilla Add-ons account.