A '''browser exploit''' is a short piece of code that exploits a software [[computer bug|bug]] in a [[web browser]] such that the code makes the browser do something unexpected, including crash, read or write local files, propagate a [[computer virus|virus]] or install [[spyware]]. Malicious code may exploit [[HTML]], [[JavaScript]], Images, [[ActiveX]], [[Java (programming language)|Java]] and other Web technologies. HTML alone is harmless (can only crash browser in some cases on vulnerable web browsers), however, in conjunction with malicious ActiveX or Java code, it can potentially freeze or crash a browser, or even crash the computer running that browser.
The term "browser exploit" can also refer to the actual bug in the browser [[code]].
