The MD5 Message-Digest Algorithm is not collision resistant, which makes it easier for context-dependent attackers to conduct spoofing attacks, as demonstrated by attacks on the use of MD5 in the signature algorithm of an X.509 certificate.

More... (http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-2761)