There exists a vulnerability in Microsoft Internet Explorer that can allow for a violation of the same origin policy. In modern browsers, script code executing in the context of one website should not be able to access the properties of another. This is a security feature known as the 'same origin policy', and it is put in place to prevent malicious websites from interacting with and possibly stealing sensitive information from others in different windows. (source: Research Buzz)

Here's another IE bug that will probably never get patched. Expect an exploit in six months that will set your start page to one of those dancing rodent sites and will automatically charge your credit card for three orders of organic kumkwats. I've seen it happen before. It's not pretty.