Software Practice & Experience April 2003, Vol 33, No 5 Security Software p 423 Buffer overflow and format string overflow vulnerabilities K.S. Lhee and S.J. Chapin