Fixed a possible super-global overwrite inside import_request_variables(). (by Stefano Di Paola, Stefan Esser)
Fixed a remotely trigger-able buffer overflow inside bundled libxmlrpc library. (by Stanislav Malyshev)
While majority of the issues outlined above are local, few issues such as the XML-RPC overflows can be triggered remotely and therefor should be considered critical. If you use the XML-RPC extension consider upgrading as soon as possible.
Other improvements of PHP 4.4.7 include:
About 10 bug fixes.
For a full list of changes in PHP 4.4.7, see the ChangeLog.