PHP before 5.1.3-RC1 might allow remote attackers to obtain portions of memory via crafted binary data sent to a script that processes user input in the html_entity_decode function and sends the encoded results back to the client, aka a "binary safety" issue. NOTE: this issue has been referred to as a "memory leak," but it is an information leak that discloses memory contents. Patch pulled from cvs.php.net --- php-4.4.2/ext/standard/html.c 2006/01/01 13:46:57 1.63.2.23.2.1 +++ php-4.4.2/ext/standard/html.c 2006/02/25 21:33:06 1.63.2.23.2.2 @@ -793,7 +793,7 @@ enum entity_charset charset = determine_charset(hint_charset TSRMLS_CC); unsigned char replacement[15]; - ret = estrdup(old); + ret = estrndup(old, oldlen); retlen = oldlen; if (!retlen) { goto empty_source;
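Review bot: the changed line in the hunk at -793, `ret = estrndup(old, oldlen);`, carries no comment saying why the length-bounded copy is required, and the following line `retlen = oldlen;` depends on it silently. Please add a short comment that `old` may contain embedded NUL bytes, so the copy has to cover all `oldlen` bytes for `retlen` to describe the buffer that was actually allocated; with `estrdup` the copy stopped at the first NUL while `retlen` stayed at `oldlen`, which is the mismatch behind the disclosure described above. A regression test that passes a string with an embedded NUL byte to html_entity_decode and checks that the returned length and contents match the input would keep this from coming back. It is also worth checking the rest of html.c for other `estrdup` calls on buffers whose length is tracked in a separate variable.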