The network gradually forgets about 0-confirmation transactions if no one is rebroadcasting them, so it's possible to cancel a 0-confirmation transaction if it doesn't make it into a block for several days. The client doesn't support this yet, though -- it rebroadcasts forever.
So... How is this preventable? It seems to me like quite the large issue...
Wait for a few confirmations.