For a list of Security vulnerabilities in Tomcat 5, refer to http://tomcat.apache.org/security-5.html
Workaround: if it is not possible to upgrade to ZLM 7.3 IR4 at this time, in the interim , Novell has made a Patch available for testing, in the form of a Field Test File (FTF): it can be obtained at
This Patch has had limited testing, and should not be used in a production system without first being checked in a test environment. Some Patches have specific requirements for deployment, it is very important to follow any instructions in the readme at the download site. Please report any problems encountered when using this Patch, by using the feedback link on this TID.