Weak permissions for registry key allow user defined DLL to be attacjed to system level process.
vulners.com/securityvulns/securityvulns:doc:14062