Launchpad.net

CVE 2016-4701

Application Firewall in Apple OS X before 10.12 allows local users to cause a denial of service via vectors involving a crafted SO_EXECPATH environment variable.

See the CVE page on Mitre.org for more details.

References