Internet Explorer cookies leave you naked
Debugging closed-source apps sure takes time
Using a specially constructed URL, a third-party Web site can read Internet Explorer cookies from any domain, enabling the operator of a hostile Web site to break into a visitor's Hotmail account; visit Amazon.com impersonating that user and access their real name, e-mail address and list of 'recommended titles'; grab an MP3.com user's e-mail address, and so on, Peacefire contributors Bennett Haselton and Jamie McCarthy say.
The Peacefire site includes a demonstration which will display cookie data for other domains to which you're logged in another browser window. ®