From http://service.real.com/realplayer/security/191007_player/en/

"RealNetworks has issued a fix for a vulnerability, identified here http://www.symantec.com/enterprise/security_response/weblog/2007/10/realplayer_exploit_on_the_loos.html by Symantec, that affects the import method of an Active X control."

This vulnerability was covered by Fellow handler William Stearns here:

http://isc.sans.org/diary.html?storyid=3519

Patches are available at the real.com link above.