Code injection is the exploitation of a
computer bug that is caused by processing invalid data. Injection is used by an
attacker to introduce (or "inject")
code into a vulnerable
computer program and change the course of
execution. The result of successful code injection is often disastrous (for instance: code injection is used by some
computer worms to propagate).