CVE-2016-1729
Untrusted search path vulnerability in OSA Scripts in Apple OS X before 10.11.3 allows attackers to load arbitrary script libraries via a quarantined application.
Date published : 2016-02-01
http://lists.apple.com/archives/security-announce/2016/Jan/msg00003.html