Secunia Security Advisory - Red Hat has issued an update for tomcat6. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions and by malicious people to conduct cross-site scripting attacks.
403bcdd3f22a1333e72370771c99d1b708cadda15791b2b1b640c36371d2c618