openssl_seal() is prone to use uninitialized memory that can be turned into a code execution. This document describes technical details of the journey to hijack apache2 requests. It is a very well written and thoroughly documented piece of research.
7328b4676384b96b2489eec8e7c79cb066123cadf924ac7ffb3cdc3f203e52c4