CVE-2016-4646 (mac_os_x)
Audio in Apple OS X before 10.11.6 mishandles a size value, which allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read) via a crafted audio file.
Source: CVE-2016-4646 (mac_os_x)