CVE-2016-6826

medium

Published 2016-09-26 · Modified 2026-05-06

CVSS v3

6.5

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CVSS v2

7.1

VIR risk

6.5

Description

Huawei AnyMail before 2.6.0301.0060 allows remote attackers to cause a denial of service (application crash) via a crafted compressed email attachment.

Predictions

Exploit likelihood

75%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: cve@mitre.org — http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160815-01-anymail-en

Application impact

Vendor	Product	Versions	Fixed
huawei	anyoffice_secureapp	`2.5.0301.0190`
huawei	anyoffice_secureapp	`2.5.0501.0190`

References

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160815-01-anymail-en
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160815-01-anymail-en

CWEs

CWE-284

Verify integrity in audit chain (admin only). AS-IS.