openssl_seal() is prone to use uninitialized memory that can be turned into a code execution. This document describes technical details of the journey to hijack apache2 requests. It is a very well written and thoroughly documented piece of research.
You can download it from the following link: https://packetstormsecurity.com/files/download/135567/opensslseal-exec.txt
Source: https://packetstormsecurity.com/files/135567/A-Tale-of-openssl_seal-PHP-and-Apache2handle.html