Apache Tomcat 'sendfile' Request Attributes Information Disclosure Vulnerability

Apache Tomcat is prone to a remote information-disclosure vulnerability. Remote attackers can exploit this issue to obtain sensitive information that will aid in further attacks. Attackers may also crash the JVM. The following versions are affected: Tomcat 5.5.0 through 5.5.33 Tomcat 6.0.0 through 6.0.32 Tomcat 7.0.0 through 7.0.18
Updates are available. Please see the references for more information.