FreeBSD 86526BA4-53C8-11DB-8F1A-000A48049292
Sep 12, 2006 - 12:00 a.m.

phpbb -- NULL byte injection vulnerability

2006-09-12 00:00:00
vuxml.freebsd.org
CVSS2: 4.6 Medium (AV:N/AC:H/Au:S/C:P/I:P/A:P)
Access Vector: NETWORK
Access Complexity: HIGH
Authentication: SINGLE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

EPSS: 0.006 Low (Percentile: 77.5%)

Secunia reports:

ShAnKaR has discovered a vulnerability in phpBB, which can
be exploited by malicious users to compromise a vulnerable
system.

Input passed to the “avatar_path” parameter in
admin/admin_board.php is not properly sanitised before
being used as a configuration variable to store avatar
images. This can be exploited to upload and execute
arbitrary PHP code by changing “avatar_path” to a file with
a trailing NULL byte.

Successful exploitation requires privileges to the
administration section.

OS       Version  Architecture  Package      Version   Filename
FreeBSD  any      noarch        phpbb        < 2.0.22  UNKNOWN
FreeBSD  any      noarch        zh-phpbb-tw  < 2.0.22  UNKNOWN
