HP eSupportDiagnostics ActiveX control (hpediag.dll) 1.0.11.0 exports dangerous methods, which allows remote attackers to (1) read arbitrary files via the ReadTextFile method, or (2) read arbitrary registry values via the ReadValue method.
https://exchange.xforce.ibmcloud.com/vulnerabilities/39156
http://www.securityfocus.com/bid/26967
http://www.heise-security.co.uk/news/100934
http://archives.neohapsis.com/archives/fulldisclosure/2007-12/0470.html