CVE-2017-17086

Indeo Otter through 1.7.4 mishandles a "</script>" substring in an initial DP payload, which allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact, as demonstrated by the Plan Editor. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt