
Not if Skype renders JavaScript somehow. Amazon had a similar vulnerability in the "preview this book" feature a few months ago. If you used it to preview certain books that had example XSS payloads, you would get owned.


What does XSS have to do with remote code execution? I mean, it's possible for a JavaScript parser to have vulnerabilities that can lead to arbitrary code execution, but the Amazon example seems in no way relevant here.


Well, it's a Register article. I left open the possibility that they called "remote script execution" remote code execution. They already said it gains root access, but then later said it gives shell access, which is not the same thing (since Skype does not run as root).

I have no idea what the bug is, all I meant was that it wasn't completely out of the realm of possibility to have something render a payload.


Fair enough. The article does link to the actual blog post though (http://www.purehacking.com/blogs/gordon-maddern/skype-0day-v...).



