The host is installed with Axiosys Bento4 through 1.6.0-639 and is prone to a null pointer dereference vulnerability. A flaw is present in the applications which fails to properly handle an issue in AP4_StszAtom::GetSampleSize. Successful exploitation allows remote attackers to cause unspecified impact.