Bento4 is an open source C library for reading and writing MP4 files.A denial of service vulnerability exists in versions prior to Bento4 1.6.0-635. The vulnerability stems from a null pointer dereference in the AP4_Stz2Atom::GetSampleSize component of /Core/Ap4Stz2Atom.cpp. An attacker could exploit this vulnerability to cause a denial of service impact.