Security Protocols has an article on Exploiting Buffer Overflow Vulnerabilities under Windows XP.
The article seemed to have been culled from http://www.infosecwriters.com/hhworld/hh8/ specifically, http://www.infosecwriters.com/hhworld/hh8/WideChapter.txt but I don't know why there isn't a direct link to it by Security Protocols.
I am wondering if the link is in a bad neighbourhood so I am taking my cue from Security Protocols and not linking to it for the time being.