...
At a later date, the maintainer of the class Account added a new method called overdraft(). However, the BankAccount class maintainer was unaware of the change. The client application consequently became vulnerable to malicious invocations. For example, the overdraft() method could be invoked directly on a BankAccount object, avoiding the security checks that should have been present. The following code illustrates this vulnerability.
...
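The inheritance gap described above, shown beside a hardened subclass, as an added example that is not the original page's code. Only Account, BankAccount and overdraft() come from the text; withdraw(), the balance and authorized fields, CheckedBankAccount and Demo are hypothetical names assumed for illustration.

```java
import java.math.BigDecimal;

// Superclass, maintained separately. overdraft() was added in a later release.
class Account {
    protected BigDecimal balance = new BigDecimal("100.00"); // constructed sample value
    boolean withdraw(BigDecimal amount) {
        if (amount.signum() <= 0 || balance.compareTo(amount) < 0) return false;
        balance = balance.subtract(amount);
        return true;
    }

    // New method: lets the balance go negative and performs no authorization.
    boolean overdraft() {
        balance = balance.subtract(new BigDecimal("300.00"));
        return true;
    }
}

// Subclass written before overdraft() existed: it guards only the methods it knew about.
class BankAccount extends Account {
    private final boolean authorized; // assumed stand-in for the real security check
    BankAccount(boolean authorized) { this.authorized = authorized; }
    @Override
    boolean withdraw(BigDecimal amount) {
        if (!authorized) throw new SecurityException("not authorized");
        return super.withdraw(amount);
    }
    // overdraft() is inherited unchanged, so it never reaches the check above.
}

// Hardened subclass: the inherited state-changing method is overridden and refused.
class CheckedBankAccount extends BankAccount {
    CheckedBankAccount(boolean authorized) { super(authorized); }
    @Override
    boolean overdraft() {
        throw new SecurityException("overdraft not permitted");
    }
}

public class Demo {
    public static void main(String[] args) {
        BankAccount legacy = new BankAccount(false);
        legacy.overdraft(); // succeeds even though the caller is not authorized
        System.out.println("legacy balance: " + legacy.balance);
        try { new CheckedBankAccount(false).overdraft(); }
        catch (SecurityException e) { System.out.println("blocked: " + e.getMessage()); }
    }
}
```

When reviewing a superclass upgrade, diff its public and protected method list against the subclass's overrides; any state-changing method the subclass inherits without overriding needs the same check.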