Skype Technologies S.A., has warned that its popular Skype voice chat application could be in danger of risk of computer takeover attacks, warning in two separate advisories that vulnerabilities found could lead to system access or denial-of-service attacks.
Security alerts aggregator Secunia Inc. rates the risk from the flaws as "highly critical" and urged users to apply the appropriate patches immediately.
The more serious of the two bugs is a boundary error that exists when Skype-specific URI types like "callto://" and "skype://" are handled by the application.
This can be exploited to cause a buffer overflow and allows arbitrary code execution, according to an alert posted on the Skype Security Center.
The effected versions of the software include Skype for Windows Releases 1.1.*.0 through 1.4.*.83.