Py2Play allows remote attackers to execute arbitrary Python code via pickled objects, which Py2Play unpickles and executes.