Apple MacOS X 10.0 and 10.1 allow a local user to read and write to a user's desktop folder via insecure default permissions for the Desktop when it is created in some languages.
https://exchange.xforce.ibmcloud.com/vulnerabilities/6750
http://www.securityfocus.com/bid/2930
http://online.securityfocus.com/archive/1/219166