CVE-2012-2271

Name of the Vulnerable Software and Affected Versions SkinCrafter version 3.0

Description A buffer overflow issue exists in the InitLicenKeys function in a certain ActiveX control in SkinCrafter3 vs2005.dll, allowing remote attackers to execute arbitrary code via a long string in the first argument, also known as the reg name argument.

Recommendations For SkinCrafter version 3.0, consider disabling the InitLicenKeys function as a temporary workaround until a patch is available. Restrict access to the SkinCrafter3 vs2005.dll module to minimize the risk of exploitation. Avoid using long strings in the reg name argument in the affected ActiveX control until the issue is resolved.