Versions earlier than Apache Tomcat 6.0.37 are potentially affected by multiple vulnerabilities :
An error exists related to chunked transfer encoding and extensions that could allow limited denial of service attacks. (CVE-2012-3544)
An error exists related to HTML form authentication and session fixation that could allow an attacker to carry out requests using a victim’s credentials. (CVE-2013-2067)
Binary data 800783.prm