I think the problem here is, that there can potentially be much more than just one double-spent transaction. The incentive for the attacker comes from the combined gain from all duplicate transactions he manages to pull off from addresses he is going to publish within the delayed block - no?
Therefore a seller cannot safely accept payments at zero confirmations - even for very small payments.