Hi malware fighters,
6% of defects in open software code is due to so-called buffer overruns enabling exploits. But what is a buffer overrun? It is effectively explained here:
http://www.infosecwriters.com/texts.php?op=display&id=134
Then read “Old threats never die”" :
http://www.infosecwriters.com/text_resources/pdf/IBM_ISS_old_threats_never_die_GOllmann.pdf
polonus