Apple Mac EFI before 2015-002, as used in OS X before 10.11.1 and other products, mishandles arguments, which allows attackers to reach "unused" functions via unspecified vectors.
http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html
http://lists.apple.com/archives/security-announce/2015/Oct/msg00007.html
https://support.apple.com/HT205317