Concurrent execution using shared resource with improper synchronization (‘race condition’) in Windows Speech allows an authorized attacker to elevate privileges locally.
Concurrent execution using shared resource with improper synchronization (‘race condition’) in Windows DirectX allows an authorized attacker to elevate privileges locally.
Improper neutralization of special elements used in an sql command (‘sql injection’) in SQL Server allows an authorized attacker to elevate privileges over a network.