A vulnerability allows remote attackers to execute code on vulnerable installations of RealPlayer. User interaction is required in that a user must visit a malicious web site. The specific flaw exists in the rmoc3260 ActiveX control. Specifying malicious values for the 'Controls' or 'Console' properties with a specific timing results in a memory corruption which can lead to code execution under the context of the current user.
e5a1b62ac9be31af6068765c6d46144550da0621b7283dcfd5d9530cfd5aafe5