diff --git a/wp-includes/comment-template.php b/wp-includes/comment-template.php
index c3858465c5..2cc31859a9 100644
--- a/wp-includes/comment-template.php
+++ b/wp-includes/comment-template.php
@@ -818,8 +818,31 @@ function comments_template( $file = '/comments.php', $separate_comments = false
 		$file = '/comments.php';
 
 	$req = get_option('require_name_email');
+
+	/**
+	 * Raw comment author information fetched from the comment cookies.
+	 *
+	 * @uses wp_get_current_commenter()
+	 */
 	$commenter = wp_get_current_commenter();
-	extract($commenter, EXTR_SKIP);
+
+	/**
+	 * The name of the current comment author escaped for use in attributes.  Use
+	 * wp_get_current_commenter() to get the raw value.
+	 */
+	$comment_author = esc_attr($commenter['comment_author']);
+
+	/**
+	 * The email address of the current comment author escaped for use in attributes.  Use
+	 * wp_get_current_commenter() to get the raw value.
+	 */	
+	$comment_author_email = esc_attr($commenter['comment_author_email']);
+
+	/**
+	 * The url of the current comment author escaped for use in attributes.  Use
+	 * wp_get_current_commenter() to get the raw value.
+	 */	
+	$comment_author_url = esc_url($commenter['comment_author_url']);
 
 	/** @todo Use API instead of SELECTs. */
 	if ( $user_ID) {