This script is Copyright (C) 2013-2017 Tenable Network Security, Inc.
A database server installed on the remote host is affected by a remote
code execution vulnerability.
The version of IBM Informix Dynamic Server installed on the remote
host is 11.50.x or 11.70.x prior to 11.70.xC7. It is, therefore,
affected by a remote code execution vulnerability in the
'genxmlqueryhdr' and genxmlquery' XML functions due to an overflow
condition. An authenticated, remote attacker can exploit this, via a
specially crafted statement, to cause a denial of service condition or
the execution of arbitrary code.
See also :
Upgrade to IBM Informix Dynamic Server version 11.70.xC7 or later.
Risk factor :
High / CVSS Base Score : 9.0
CVSS Temporal Score : 6.7
Public Exploit Available : false