CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 2012

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
2651 CVE-2012-2003 352 CSRF 2012-05-02 2019-02-26
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in HP Insight Management Agents before 9.0.0.0 on Windows Server 2003 and 2008 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
2652 CVE-2012-2002 20 2012-05-02 2017-12-14
8.3
None Remote Medium Not required Complete Partial Partial
Open redirect vulnerability in HP SNMP Agents for Linux before 9.0.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
2653 CVE-2012-2001 79 XSS 2012-05-02 2017-12-14
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in HP SNMP Agents for Linux before 9.0.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
2654 CVE-2012-2000 Exec Code 2012-05-02 2017-12-14
7.5
None Remote Low Not required Partial Partial Partial
Multiple unspecified vulnerabilities in HP System Health Application and Command Line Utilities before 9.0.0 allow remote attackers to execute arbitrary code via unknown vectors.
2655 CVE-2012-1993 +Info 2012-04-18 2017-12-19
3.2
None Local Low ??? Partial Partial None
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.0 allows local users to modify data or obtain sensitive information via unknown vectors.
2656 CVE-2012-1992 79 XSS 2012-04-11 2012-11-20
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in admin/edituser.php in CMS Made Simple 1.10.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the email parameter (aka the Email Address field in the Edit User template).
2657 CVE-2012-1990 79 XSS 2012-05-22 2013-05-15
4.3
None Remote Medium Not required None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in Schneider Electric Kerweb before 3.0.1 and Kerwin before 6.0.1 allow remote attackers to inject arbitrary web script or HTML via (1) the evtvariablename parameter in an evts.xml action to kw.dll, (2) unspecified search fields, or (3) unspecified content-display fields.
2658 CVE-2012-1989 264 2012-06-27 2019-07-11
3.6
None Local Low Not required None Partial Partial
telnet.rb in Puppet 2.7.x before 2.7.13 and Puppet Enterprise (PE) 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows local users to overwrite arbitrary files via a symlink attack on the NET::Telnet connection log (/tmp/out.log).
2659 CVE-2012-1988 77 Exec Code 2012-05-29 2019-07-11
6.0
None Remote Medium ??? Partial Partial Partial
Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows remote authenticated users with agent SSL keys and file-creation permissions on the puppet master to execute arbitrary commands by creating a file whose full pathname contains shell metacharacters, then performing a filebucket request.
2660 CVE-2012-1987 DoS 2012-05-29 2019-07-11
3.5
None Remote Medium ??? None None Partial
Unspecified vulnerability in Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows remote authenticated users with agent SSL keys to (1) cause a denial of service (memory consumption) via a REST request to a stream that triggers a thread block, as demonstrated using CVE-2012-1986 and /dev/random; or (2) cause a denial of service (filesystem consumption) via crafted REST requests that use "a marshaled form of a Puppet::FileBucket::File object" to write to arbitrary file locations.
2661 CVE-2012-1986 264 2012-05-29 2019-07-11
2.1
None Remote High ??? Partial None None
Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows remote authenticated users with an authorized SSL key and certain permissions on the puppet master to read arbitrary files via a symlink attack in conjunction with a crafted REST request for a file in a filebucket.
2662 CVE-2012-1985 352 DoS CSRF 2012-04-17 2017-12-29
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allows remote attackers to hijack the authentication of administrators for requests that cause a denial of service (stack consumption and daemon crash) via a malformed URL.
2663 CVE-2012-1984 79 XSS 2012-04-17 2017-12-29
4.3
None Remote Medium Not required None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
2664 CVE-2012-1982 79 XSS 2012-04-05 2017-08-29
3.5
None Remote Medium ??? None Partial None
Cross-site scripting (XSS) vulnerability in my_admin/admin1_list_pages.php in SocialCMS 1.0.2 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the TR_title parameter in an edit action.
2665 CVE-2012-1979 79 2 XSS 2012-04-17 2017-08-29
3.5
None Remote Medium ??? None Partial None
Cross-site scripting (XSS) vulnerability in starnet/index.php in SyndeoCMS 3.0.01 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the email parameter (aka Email address field) in an edit_user configuration action.
2666 CVE-2012-1977 255 +Info 2012-05-09 2012-08-29
7.1
None Remote Medium Not required Complete None None
WellinTech KingSCADA 3.0 uses a cleartext base64 format for storage of passwords in user.db, which allows context-dependent attackers to obtain sensitive information by reading this file.
2667 CVE-2012-1976 416 DoS Exec Code Mem. Corr. 2012-08-29 2020-08-26
10.0
None Remote Low Not required Complete Complete Complete
Use-after-free vulnerability in the nsHTMLSelectElement::SubmitNamesValues function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
2668 CVE-2012-1975 416 DoS Exec Code Mem. Corr. 2012-08-29 2020-08-28
10.0
None Remote Low Not required Complete Complete Complete
Use-after-free vulnerability in the PresShell::CompleteMove function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
2669 CVE-2012-1974 416 DoS Exec Code Mem. Corr. 2012-08-29 2020-08-26
10.0
None Remote Low Not required Complete Complete Complete
Use-after-free vulnerability in the gfxTextRun::CanBreakLineBefore function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
2670 CVE-2012-1973 416 DoS Exec Code Mem. Corr. 2012-08-29 2020-08-26
10.0
None Remote Low Not required Complete Complete Complete
Use-after-free vulnerability in the nsObjectLoadingContent::LoadObject function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
2671 CVE-2012-1972 416 DoS Exec Code Mem. Corr. 2012-08-29 2020-08-28
10.0
None Remote Low Not required Complete Complete Complete
Use-after-free vulnerability in the nsHTMLEditor::CollapseAdjacentTextNodes function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
2672 CVE-2012-1971 DoS Exec Code Mem. Corr. 2012-08-29 2017-09-19
9.3
None Remote Medium Not required Complete Complete Complete
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to garbage collection after certain MethodJIT execution, and unknown other vectors.
2673 CVE-2012-1970 119 DoS Exec Code Overflow Mem. Corr. 2012-08-29 2020-08-28
10.0
None Remote Low Not required Complete Complete Complete
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
2674 CVE-2012-1969 264 +Info 2012-07-30 2013-12-13
4.3
None Remote Medium Not required Partial None None
The get_attachment_link function in Template.pm in Bugzilla 2.x and 3.x before 3.6.10, 3.7.x and 4.0.x before 4.0.7, 4.1.x and 4.2.x before 4.2.2, and 4.3.x before 4.3.2 does not check whether an attachment is private before presenting the attachment description within a public comment, which allows remote attackers to obtain sensitive description information by reading a comment.
2675 CVE-2012-1968 264 +Info 2012-07-30 2013-10-03
4.3
None Remote Medium Not required Partial None None
Bugzilla 4.1.x and 4.2.x before 4.2.2 and 4.3.x before 4.3.2 uses bug-editor privileges instead of bugmail-recipient privileges during construction of HTML bugmail documents, which allows remote attackers to obtain sensitive description information by reading the tooltip portions of an HTML e-mail message.
2676 CVE-2012-1967 Exec Code 2012-07-18 2017-12-29
10.0
None Remote Low Not required Complete Complete Complete
Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not properly implement the JavaScript sandbox utility, which allows remote attackers to execute arbitrary JavaScript code with improper privileges via a javascript: URL.
2677 CVE-2012-1966 264 XSS 2012-07-18 2017-12-29
4.3
None Remote Medium Not required None Partial None
Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do not have the same context-menu restrictions for data: URLs as for javascript: URLs, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted URL.
2678 CVE-2012-1965 79 XSS Bypass 2012-07-18 2017-12-29
4.3
None Remote Medium Not required None Partial None
Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do not properly establish the security context of a feed: URL, which allows remote attackers to bypass unspecified cross-site scripting (XSS) protection mechanisms via a feed:javascript: URL.
2679 CVE-2012-1964 2012-07-18 2017-12-29
4.0
None Remote High Not required Partial Partial None
The certificate-warning functionality in browser/components/certerror/content/aboutCertError.xhtml in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.10 does not properly handle attempted clickjacking of the about:certerror page, which allows man-in-the-middle attackers to trick users into adding an unintended exception via an IFRAME element.
2680 CVE-2012-1963 264 2012-07-18 2017-12-29
4.3
None Remote Medium Not required Partial None None
The Content Security Policy (CSP) functionality in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly restrict the strings placed into the blocked-uri parameter of a violation report, which allows remote web servers to capture OpenID credentials and OAuth 2.0 access tokens by triggering a violation.
2681 CVE-2012-1962 399 DoS Exec Code Mem. Corr. 2012-07-18 2017-12-29
10.0
None Remote Low Not required Complete Complete Complete
Use-after-free vulnerability in the JSDependentString::undepend function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors involving strings with multiple dependencies.
2682 CVE-2012-1961 20 2012-07-18 2017-12-29
4.3
None Remote Medium Not required None Partial None
Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not properly handle duplicate values in X-Frame-Options headers, which makes it easier for remote attackers to conduct clickjacking attacks via a FRAME element referencing a web site that produces these duplicate values.
2683 CVE-2012-1960 200 +Info 2012-07-18 2017-12-29
5.0
None Remote Low Not required Partial None None
The qcms_transform_data_rgb_out_lut_sse2 function in the QCMS implementation in Mozilla Firefox 4.x through 13.0, Thunderbird 5.0 through 13.0, and SeaMonkey before 2.11 might allow remote attackers to obtain sensitive information from process memory via a crafted color profile that triggers an out-of-bounds read operation.
2684 CVE-2012-1959 264 Bypass 2012-07-18 2017-12-29
5.0
None Remote Low Not required None Partial None
Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not consider the presence of same-compartment security wrappers (SCSW) during the cross-compartment wrapping of objects, which allows remote attackers to bypass intended XBL access restrictions via crafted content.
2685 CVE-2012-1958 399 Exec Code 2012-07-18 2017-12-29
9.3
None Remote Medium Not required Complete Complete Complete
Use-after-free vulnerability in the nsGlobalWindow::PageHidden function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 might allow remote attackers to execute arbitrary code via vectors related to focused content.
2686 CVE-2012-1957 79 XSS 2012-07-18 2017-12-29
4.3
None Remote Medium Not required None Partial None
An unspecified parser-utility class in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly handle EMBED elements within description elements in RSS feeds, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a feed.
2687 CVE-2012-1956 79 XSS 2012-08-29 2017-09-19
4.3
None Remote Medium Not required None Partial None
Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12 do not prevent use of the Object.defineProperty method to shadow the location object (aka window.location), which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving a plugin.
2688 CVE-2012-1955 2012-07-18 2017-12-29
6.8
None Remote Medium Not required Partial Partial Partial
Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allow remote attackers to spoof the address bar via vectors involving history.forward and history.back calls.
2689 CVE-2012-1954 399 DoS Exec Code Mem. Corr. 2012-07-18 2017-12-29
10.0
None Remote Low Not required Complete Complete Complete
Use-after-free vulnerability in the nsDocument::AdoptNode function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code via vectors involving multiple adoptions and empty documents.
2690 CVE-2012-1953 119 DoS Exec Code Overflow 2012-07-18 2017-12-29
9.3
None Remote Medium Not required Complete Complete Complete
The ElementAnimations::EnsureStyleRuleFor function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (buffer over-read, incorrect pointer dereference, and heap-based buffer overflow) or possibly execute arbitrary code via a crafted web site.
2691 CVE-2012-1952 399 Exec Code 2012-07-18 2017-12-29
9.3
None Remote Medium Not required Complete Complete Complete
The nsTableFrame::InsertFrames function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly perform a cast of a frame variable during processing of mixed row-group and column-group frames, which might allow remote attackers to execute arbitrary code via a crafted web site.
2692 CVE-2012-1951 399 DoS Exec Code Mem. Corr. 2012-07-18 2017-12-29
10.0
None Remote Low Not required Complete Complete Complete
Use-after-free vulnerability in the nsSMILTimeValueSpec::IsEventBased function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code by interacting with objects used for SMIL Timing.
2693 CVE-2012-1950 2012-07-18 2017-12-29
6.4
None Remote Low Not required None Partial Partial
The drag-and-drop implementation in Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 allows remote attackers to spoof the address bar by canceling a page load.
2694 CVE-2012-1949 DoS Exec Code Mem. Corr. 2012-07-18 2017-12-29
9.3
None Remote Medium Not required Complete Complete Complete
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 13.0, Thunderbird 5.0 through 13.0, and SeaMonkey before 2.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
2695 CVE-2012-1948 DoS Exec Code Mem. Corr. 2012-07-18 2017-12-29
9.3
None Remote Medium Not required Complete Complete Complete
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
2696 CVE-2012-1947 119 Exec Code Overflow 2012-06-05 2018-01-05
9.3
None Remote Medium Not required Complete Complete Complete
Heap-based buffer overflow in the utf16_to_isolatin1 function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code via vectors that trigger a character-set conversion failure.
2697 CVE-2012-1946 399 Exec Code 2012-06-05 2017-12-29
9.3
None Remote Medium Not required Complete Complete Complete
Use-after-free vulnerability in the nsINode::ReplaceOrInsertBefore function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 might allow remote attackers to execute arbitrary code via document changes involving replacement or insertion of a node.
2698 CVE-2012-1945 200 +Info 2012-06-05 2017-12-29
2.9
None Local Network Medium Not required Partial None None
Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allow local users to obtain sensitive information via an HTML document that loads a shortcut (aka .lnk) file for display within an IFRAME element, as demonstrated by a network share implemented by (1) Microsoft Windows or (2) Samba.
2699 CVE-2012-1944 79 XSS 2012-06-05 2017-12-29
4.3
None Remote Medium Not required None Partial None
The Content Security Policy (CSP) implementation in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 does not block inline event handlers, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted HTML document.
2700 CVE-2012-1943 +Priv 2012-06-05 2017-12-29
6.9
None Local Medium Not required Complete Complete Complete
Untrusted search path vulnerability in Updater.exe in the Windows Updater Service in Mozilla Firefox 12.0, Thunderbird 12.0, and SeaMonkey 2.9 on Windows allows local users to gain privileges via a Trojan horse wsock32.dll file in an application directory.
Total number of vulnerabilities : 5297   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 (This Page)55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.