It's possible to spoof cookies for few 3rd level domains.
vulners.com/securityvulns/securityvulns:doc:6665
vulners.com/securityvulns/securityvulns:doc:6666
vulners.com/securityvulns/securityvulns:doc:6832