Vulnerability Lab researchers identified a high risk memory corruption flaw that affects the 5.6.59.x versions of the popular messaging applications. By exploiting this flaw, an attacker could remotely crash a computer that’s running Windows 7 simply by sending a file from a Linux client.
The experts demonstrated this vulnerability, found in the file transfer module, by sending a file from Skype v18.104.22.168 Beta for Linux to a contact that was running Skype 22.214.171.124 on a Windows 7 x64 operating system. This transfer resulted in a stable memory corruption on the Windows client side.
“The vulnerability can be exploited by remote attackers with low required user inter action (accept). Successful exploitation requires to accept a file transfer (user inter action) or receive messages & information,” Vulnerability Lab representatives told us.