A security vulnerability exists in the MPEG-4 decoding functionality of the GPAC project on Advanced Content library v1.0.1, an open source multimedia framework. The vulnerability stems from the handling of the “hdlr” FOURCC code, where a carefully constructed MPEG-4 input could lead to incorrect memory allocation, which could be exploited by an attacker to cause a heap buffer overflow, resulting in memory corruption.