Software Engineering Lifecycle. ©2002. Jan G. Hogle, Susan L. Gerhart. http://sfsecurity.pr.erau.edu
An
End User may find a
Buffer Overflow unintentionally
or may search for
it
¸An ordinary user may
observe unusual activity or symptoms of
buffer overflow
¸Security shops like Eeye and university groups search for vulnerabilities by playing the role of attackers on new and old products

