Bento4 is an open source C++ library for reading and writing MP4 files. A denial of service vulnerability exists in Bento4 v1.6.0-639, which stems from an out-of-memory issue in the mp42avc component. An attacker can exploit this vulnerability to cause a denial of service.