CVE 2016-1773
The code-signing subsystem in Apple OS X before 10.11.4 does not properly verify file ownership, which allows local users to determine the existence of arbitrary files via unspecified vectors.
See the 
CVE page on Mitre.org
for more details.
