CVE-2011-0185
Format string vulnerability in the debug-logging feature in Application Firewall in Apple Mac OS X before 10.7.2 allows local users to gain privileges via a crafted name of an executable file.
Date published : 2011-10-14
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html