Software Engineering Lifecycle. ©2002. Jan G. Hogle,  Susan L. Gerhart.  http://sfsecurity.pr.erau.edu
An Attacker finds a way
to force a buffer overflow
to meet their purposes
¸Attackers know common vulnerabilities of vendors and their products
¸Attackers learn from the web and from each other how to make buffer overflows occur
¸Attackers acquire ways to make buffer overflows lead to hijacking a system or planting seeds for future attacks