Buffer overflows also happen when you use a single char with "%[...]" in scanf; this inputs as many chars as it can match, and null-terminates the string.
Even when they aren't able to be exploited (i.e. not in a program with special uid), buffer overflows can make you program break in strange ways that are hard to find. Carl
