Elevated privileges are not dropped then user-supplied program is launched.
vulners.com/securityvulns/securityvulns:doc:7933