A program may leak resources when it elies relies on finalize() to release system resources or when there is confusion over which part of the program is responsible for releasing system resources. In a busy system, the delay before the finalize() method is called for an object provides a window of vulnerability during which an attacker could induce a denial-of-service attack. See the guideline OBJ08-J. Avoid using finalizers for additional reasons to avoid the use of finalizers.
...