This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
This signature detects attempt to exploit a remote file download vulnerability by sending specially crafted arguments into a a method of C6 Messenger ActiveX Control.
C6 Messenger is an IM application.
C6 Messenger Installation URL Downloader ActiveX control is prone to a vulnerability that lets remote attackers download files from arbitrary locations to an affected computer.
Specifically, the vulnerability affects the 'propDownloadUrl()' method of the Installation URL Downloader ActiveX control identified by CLSID:
Attackers may exploit this issue by enticing victims into visiting a maliciously crafted webpage.
Download and install all vendor patches related to this vulnerability.