OS X does not properly handle the Extended Validation certificate attribute of Certificate Authority certificates. Within the Keychain, if a user has marked an Extended Validation certificate as not to be trusted, OS X will still trust it.
Apple OS X 10.6.8 and prior
BeyondTrust Prevention and Detection:
No mitigation has been provided.