JNLP would only be vulnerable if the workstation utilizing PSM is running an older version of Java:
Java Runtime Environment 6 update 1
Java Runtime Environment 5 update 11
CVE-2007-3655 is a client side vulnerability. Ensure that the Java installed on the workstations initiating PSM is current. The TPAM Release Notes for TPAM 2.5.916 (current at this time) indicate that the required version of Java is 7.0.45 or higher.