Software Engineering Lifecycle. ©2002. Jan G. Hogle,  Susan L. Gerhart.  http://sfsecurity.pr.erau.edu
An End User may find a
Buffer Overflow unintentionally
or may search for it
¸An ordinary user may observe unusual activity or symptoms of buffer overflow
¸Security shops like Eeye and university groups search for vulnerabilities by playing the role of attackers on new and old products
AppleMark