The MD5 Message-Digest Algorithm is not collision resistant, which makes it easier for context-dependent attackers to conduct spoofing attacks, as demonstrated by attacks on the use of MD5 in the signature algorithm of an X.509 certificate. (CVE-2004-2761)
Impact
A context-dependent attacker may be able to conduct spoofing attacks.