USER32.DLL buffer overflow allows code to be executed. This vulnerability can potentially be used for silent spyware/adware installation.
vulners.com/securityvulns/securityvulns:doc:7553
vulners.com/securityvulns/securityvulns:doc:7554
vulners.com/securityvulns/securityvulns:doc:7557