Tomcat contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when a malicious user sends a web.xml file containing parsing errors to Tomcat, causing it to start with improper security settings. This flaw may lead to a loss of integrity.
Upgrade to version 4.0-b7 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.