A security flaw was found in the way handlers for ftp:// and
file:// URL schemes in the Python urllib and urllib2 extensible
libraries processed the urllib open URL request. A remote attacker
could use this flaw to access sensitive information or cause
a denial of service (excessive CPU and memory use) of a Python
web application, processing URLs, via a specially-crafted urllib
open URL request.