CVE-2015-7007
Script Editor in Apple OS X before 10.11.1 allows remote attackers to bypass an intended user-confirmation requirement for AppleScript execution via unspecified vectors.
Date published : 2015-10-23
http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html