Versions of Tomcat 7.0.x earlier than 7.0.12 are potentially affected by multiple vulnerabilities :
An information disclosure exists in the HTTP BIO connector. (CVE-2011-1475)
A security bypass vulnerability exists due to a regression in the fix for CVE-2011-1088. Note that this issue only affects Tomcat 7.0.11.(CVE-2011-1183)
Binary data 800625.prm
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1183
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1184
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1475
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5062
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5063
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5064
tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.12_(released_6_Apr_2011)