kextd in kext tools in Apple OS X prior to 10.10.4 allows malicious users to write to arbitrary files via a crafted app that conducts a symlink attack.
apple mac os x