A vulnerability in Apache Tomcat allows remote attackers to disclose the content of files stored on the remote server by exploiting a vulnerability in the way the WebDAV LOCK function handles requests.

http://www.securiteam.com/exploits/6S00D1FK0K.html