A denial of service flaw was found in the way certain strings were
converted to Double objects. A remote attacker could use this flaw to
cause Tomcat to hang via a specially-crafted HTTP request. (CVE-2010-4476)
Tomcat must be restarted for this update to take effect.