CVE-2015-5943
SecurityAgent in Apple OS X before 10.11.1 does not prevent synthetic clicks from reaching keychain windows, which allows attackers to bypass intended access restrictions via a crafted app.
Date published : 2015-10-23
http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html