<a href="http://www.zerodayinitiative.com/advisories/ZDI-13-011/">http://www.zerodayinitiative.com/advisories/ZDI-13-011/</a> lists <a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3213">CVE-2013-3213</a> which doesn't exist according to the CVE entry, and is not part of the Oracle CPU linked to.  <a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3213">CVE-2012-3213</a> does exist in that CPU, and seems to be the intended reference.<br>
<a href="http://www.zerodayinitiative.com/advisories/ZDI-13-012/">http://www.zerodayinitiative.com/advisories/ZDI-13-012/</a> has the same problem, though the CVE is simply reserved, with <a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1543">CVE-2013-1543</a> vs <a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1543">CVE-2012-1543</a>.<br>
<br>Daniel<br>OSVDB.org<br>