Software Engineering Lifecycle. ©2002. Jan G. Hogle, Susan L. Gerhart. http://sfsecurity.pr.erau.edu
An
Attacker finds a way
to force a buffer overflow
to meet their
purposes
¸Attackers know
common vulnerabilities of vendors and their
products
¸Attackers learn from the web and from each other how to make buffer overflows occur
¸Attackers acquire
ways to make buffer overflows lead to
hijacking a system or planting seeds for future
attacks

