Bento4 is an open source C library for reading and writing MP4 files. Bento4 version 1.6.0-639 suffers from a denial of service vulnerability that stems from a null pointer dereference in AP4_File::ParseStream in Core/Ap4File.cpp. An attacker could exploit the vulnerability to cause a denial-of-service attack.