updated 07:25 pm EDT, Tue September 20, 2011
Users' address books could be copied
This new vulnerability echoes a similar problem found in May by security researcher Guy Maddern, who discovered a way to execute a malicious payload in chat mode using Skype for Mac computers (version 5.x). The company at the time said the issue, which allowed attackers the chance at gaining full privileges for the compromised machine, had been discovered and fixed by the time reports appeared on it.
Attacking message is received using JS code in Full Name field