A bug found in iOS 5.0.1 may allow an unauthorized user to access your contacts, make phone calls, or use FaceTime on your passcode-protected iPhone. But stop panicking, this bug isn't easily reproduced -- it requires someone else to have access to your phone, with either no service or the sim card removed. Your average snoop won't find it worth their time.
To trigger the bug, someone must confuse the phone after receiving a missed call by one of two methods -- doing it while you have no network coverage or actively inserting and ejecting the SIM card. This will eventually lead to the iPhone unlocking to the phone app and allowing you to place phone calls. Once you hang up, you'll be locked out again.
It seems a bit silly as this process obviously needs to be performed numerous times, as shown in the demo video below, in order for it to confuse the phone. As long as you aren't leaving your iPhone unattended for long periods of time with shady people who actively carry around a SIM removal tool or paperclip, I don't see this becoming a popular way of hacking into someone's iPhone.
A similar bug was discovered a while back under iOS 4 which also allowed access to contacts, favorites, and voicemail on a locked device. Another recently discovered timestamp bug in iOS 5 allowed access to your camera roll.