Apache Tomcat 'sendfile' Request Attributes Information Disclosure Vulnerability
Apache Tomcat is prone to a remote information-disclosure vulnerability.
Remote attackers can exploit this issue to obtain sensitive information that will aid in further attacks. Attackers may also crash the JVM.
The following versions are affected:
Tomcat 5.5.0 through 5.5.33
Tomcat 6.0.0 through 6.0.32
Tomcat 7.0.0 through 7.0.18