CVE-2015-6984
libarchive in Apple OS X before 10.11.1 allows attackers to write to arbitrary files via a crafted app that conducts an unspecified symlink attack.
Date published : 2015-10-23
http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html