Saurabh Sharma

**Name of the Vulnerable Software and Affected Versions** SkinCrafter version 3.0 **Description** A buffer overflow issue exists in the InitLicenKeys function in a certain ActiveX control in SkinCrafter3 vs2005.dll, allowing remote attackers to execute arbitrary code via a long string in the first argument, also known as the `reg name` argument. **Recommendations** For SkinCrafter version 3.0, consider disabling the InitLicenKeys function as a temporary workaround until a patch is available. Restrict access to the SkinCrafter3 vs2005.dll module to minimize the risk of exploitation. Avoid using long strings in the `reg name` argument in the affected ActiveX control until the issue is resolved.