Bento4 is an open source C library for reading and writing MP4 files. version v1.6.0-639 of Bento4 suffers from a denial of service vulnerability, which stems from a boundary error in AP4_Dec3Atom::AP4_Dec3Atom in Ap4Dec3Atom.cpp when handling untrusted input. An attacker could exploit the vulnerability to cause a denial of service.