The MITRE CVE dictionary describes this issue as:
Integer overflow in the read_channel_data function in plug-ins/file-psd/psd-load.c in GIMP 2.6.7 might allow remote attackers to execute arbitrary code via a crafted PSD file that triggers a heap-based buffer overflow.
Find out more about CVE-2009-3909 from the
MITRE CVE dictionary dictionary and
Vulnerable. This issue affects gimp packages in Red Hat Enterprise Linux 4 and 5. This issue does not affect gimp package in Red Hat Enterprise Linux 6.