The host is installed with RealNetworks RealPlayer 10/10.5, RealOne Player or RealPlayer Enterprise and is prone to integer overflow vulnerability. A flaw is present in the application due to improper bounds checking of Lyrics3 tags in MP3 files. Successful exploitation allows remote attackers to execute arbitrary code via a crafted Lyrics3 2.00 tag in an MP3 file.