Openssl is a library that is shipped with a lot of OSes and basically allowed an attacker to dump 64Kb of your memory and it could do it in a loop this would allow access to entropy and store variable like SSL private keys. This is really an issue of putting too much trust in a single library.
Ahh okay, thanks for explaining it to me. So with this bug, they could steal your wallet private key?
The short answer is [redacted].
They could potentially steal any information posted to a web site which had the vulnerability. In some cases, they could steal the server's certificate, which might allow them to impersonate the server (better phishing attacks).
Edit: It looks like 0.9.0 may have been vulnerable under certain circumstances. See posts by users smarter than I for details.