The open question is, how can either a website or even the actual browser detect if the RealPlayer version installed is vulnerable.
I've tried to make sense of their vulnerability matrix in the past, but I think I'm going to give up this time:
http://service.real.com/realplayer/security/10152010_player/en/
If you can help me understand it, I'd be grateful!
My personal recommendation is to at least disable it and only enable it if you run into a website that needs it.