A Tale of openssl_seal(), PHP, and Apache2handle

Hey folks, The opensslseal 4 is prone to use uninitialized memory that can be turned into a code execution. This document describes technical details of our journey to hijack apache2 requests. What the heck is opensslseal? ... int opensslseal string $data , string &$sealeddata , array &$envkeys ,...