An issue was discovered in certain Apple products. macOS before 10.12 is affected. macOS before 10.12.1 is affected. The issue involves the "ImageIO" component. It allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted SGI file.
Apple Security Advisory 2016-10-24-2 - macOS Sierra 10.12.1 is now available and addresses code execution, privilege escalation, and various other vulnerabilities.