C6 Messenger Installation URL Downloader ActiveX Control Arbitrary File Download Vulnerability

info
discussion
exploit
solution
references

C6 Messenger Installation URL Downloader ActiveX Control Arbitrary File Download Vulnerability

Attackers may exploit this issue by enticing victims into opening a maliciously crafted webpage.

UPDATE (August 11, 2008): Symantec has detected active exploit attempts in the wild.

The following exploit code is available:

/data/vulnerabilities/exploits/29519.html