Software Engineering Lifecycle. ©2002. Jan G. Hogle, Susan L. Gerhart. http://sfsecurity.pr.erau.edu
An End User may find a
Buffer Overflow unintentionally
or may search for it
¸An ordinary user may observe unusual activity or symptoms of buffer
overflow
¸Security shops like Eeye and university groups search for vulnerabilities
by playing the role of attackers on new and old
products