A Code Injection exists in treekill on Windows which allows a remote code execution when an attacker is able to control the input into the command.