This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
This signature detects an attempt to download arbitrary files using Yahoo! Messenger's vulnerable CYFT ActiveX control.
Yahoo! Messenger CYFT ActiveX control is prone to an arbitrary-file-upload vulnerability because it fails to adequately sanitize user-supplied input.
This issue affects the 'GetFile()' method of the 'ft60.dll' CYFT Object. This control is identified by CLSID: 24F3EAD6-8B87-4C1A-97DA-71C126BDA08F.
Successfully exploiting this issue allows an attacker to upload malicious files to an arbitrary location on a victim's computer; the files will have the permissions of the application using the ActiveX control (typically Internet Explorer).
Yahoo! Messenger 220.127.116.111 is vulnerable; other versions may also be affected.