According to http://tomcat.apache.org/security-5.html

Fixed in Apache Tomcat 5.5.18

Cross-site scripting CVE-2006-7195

The implict-objects.jsp in the examples webapp displayed a number of unfiltered header values. This enabled a XSS attack. These values are now filtered.

Affects: 5.0.0-5.0.HEAD, 5.5.0-5.5.17
The severity of this flaw depends on whether the examples are 1) distributed and 2) accessible for a given Tomcat package.
Advisory text: "The implict-objects.jsp file distributed in the examples webapp displayed a number of unfiltered header values. If the jsp examples are accessible, this flaw could allow a remote attacker to perform cross-site scripting attacks. (CVE-2006-7195)"
This was addressed via:

Red Hat Application Server v2 4AS (RHSA-2007:0326)
Red Hat Enterprise Linux version 5 (RHSA-2007:0327)
Red Hat Developer Suite v.3 (AS v.4) (RHSA-2007:0328)
Red Hat Application Server 3AS (RHSA-2007:0340)
Red Hat Network Satellite Server 5.0 (RHEL v.4 AS) (RHSA-2008:0261)
Red Hat Network Satellite Server v 4.2 (RHEL v.3 AS) (RHSA-2008:0524)
Red Hat Network Satellite Server v 4.2 (RHEL v.4 AS) (RHSA-2008:0524)
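
An added example, not part of the original report and not Tomcat's own code: the flaw class described above (request header values written into a page unfiltered) shown beside the output-encoded form. The class name, helper names and header values are constructed for illustration.

```java
import java.util.LinkedHashMap;
import java.util.Map;

// Added illustration; HeaderEchoDemo, escapeHtml and render are hypothetical names.
public class HeaderEchoDemo {

    // Encode the five characters that are significant in HTML text and attributes.
    static String escapeHtml(String s) {
        if (s == null) return "";
        StringBuilder out = new StringBuilder();
        for (char c : s.toCharArray()) {
            switch (c) {
                case '&':  out.append("&amp;");  break;
                case '<':  out.append("&lt;");   break;
                case '>':  out.append("&gt;");   break;
                case '"':  out.append("&quot;"); break;
                case '\'': out.append("&#39;");  break;
                default:   out.append(c);
            }
        }
        return out.toString();
    }

    // filter=false copies header text into the page as-is (the flawed pattern);
    // filter=true encodes both name and value at the point of output.
    static String render(Map<String, String> headers, boolean filter) {
        StringBuilder html = new StringBuilder("<table>\n");
        for (Map.Entry<String, String> h : headers.entrySet()) {
            String name = filter ? escapeHtml(h.getKey()) : h.getKey();
            String value = filter ? escapeHtml(h.getValue()) : h.getValue();
            html.append("<tr><td>").append(name).append("</td><td>")
                .append(value).append("</td></tr>\n");
        }
        return html.append("</table>").toString();
    }

    public static void main(String[] args) {
        // Constructed sample headers; the second value carries markup.
        Map<String, String> headers = new LinkedHashMap<>();
        headers.put("Host", "localhost:8080");
        headers.put("User-Agent", "<script>alert(1)</script>");

        System.out.println("Unfiltered:\n" + render(headers, false));
        String safe = render(headers, true);
        System.out.println("Filtered:\n" + safe);
        System.out.println("Markup survives filtering: " + safe.contains("<script"));
    }
}
```

In the filtered output the header value appears as inert text (`&lt;script&gt;...`), so the browser displays it instead of parsing it as markup.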