Cookies contain different data about sessions and login information depending on the site, store information about your account when you last visited and have expiration dates in them. It depends on where the cookies are from and how they're implemented. Some are plain text everything in it is, passwords and all. Nowadays cookies use encryption for larger sites like msn or yahoo. Different cookies do different things, store information about your account and have expiration dates in them. Modifying them can give you access to things you wouldnt have normally. Look up 'cookie poisoning' on google you will learn alot about it.
for windows cookies are stored in C:\WINDOWS\Cookies\ for 9x or C:\Documents and Setting\(username)\Cookies\ in XP
This still ranks in the top 10 types of vulnerabilites.
Here's some links: http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci861584,00.html http://www.cgisecurity.com/lib/CookiePoisoningByline.pdf