The security flaws introduced by collision attacks tend to be a bit subtler. For instance, if a digital signature scheme uses MD5 as the underlying scheme, you could generate two different documents with the same hash, convince a third party to sign one of them, and then transfer the signature to the other document.
I ask because of this - https://bugzilla.novell.com/show_bug.cgi?id=743715
I mean to say, you could find a hash that would match an existing, let's say, Word document. But that wouldn't be a legit Word document or anything - it would likely be some random character string. The chances of changing anything in a meaningful way or adding a payload seem practically impossible to me. Is that a false assumption on my part?
For example, two self-extracting archives with the same MD5 that unpack to completely different contents: http://eprint.iacr.org/2004/356.pdf
Two PostScript files with the same MD5 that print different letters: http://web.archive.org/web/20071226014140/http://www.cits.ru...
And plenty more as listed here by Peter Selinger: http://www.mscs.dal.ca/~selinger/md5collision/
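The property the comments above rely on, as an added Python example that is not from this thread: the two 128-byte inputs are the published Wang et al. (2004) MD5 collision pair (bytes copied from that public example, not from any post here); the keyed tag standing in for sign(H(m)) and the appended suffix are constructed for illustration. It shows that a verifier which only checks an MD5 digest cannot tell the two inputs apart, that any common suffix appended to both preserves the collision (the Merkle-Damgård property behind the archive and PostScript examples), and that the same inputs do not collide under SHA-256.

```python
import hashlib
import hmac

# Published Wang et al. (2004) MD5 collision pair: two 128-byte messages that
# differ in exactly six bytes yet have the same MD5 digest.
BLOCK_A = bytes.fromhex(
    "d131dd02c5e6eec4693d9a0698aff95c2fcab58712467eab4004583eb8fb7f89"
    "55ad340609f4b30283e488832571415a085125e8f7cdc99fd91dbdf280373c5b"
    "d8823e3156348f5bae6dacd436c919c6dd53e2b487da03fd02396306d248cda0"
    "e99f33420f577ee8ce54b67080a80d1ec69821bcb6a8839396f9652b6ff72a70"
)
BLOCK_B = bytes.fromhex(
    "d131dd02c5e6eec4693d9a0698aff95c2fcab50712467eab4004583eb8fb7f89"
    "55ad340609f4b30283e4888325f1415a085125e8f7cdc99fd91dbd7280373c5b"
    "d8823e3156348f5bae6dacd436c919c6dd53e23487da03fd02396306d248cda0"
    "e99f33420f577ee8ce54b67080280d1ec69821bcb6a8839396f965ab6ff72a70"
)


def differing_positions(a, b):
    """Byte offsets at which the two inputs differ."""
    return [i for i, (x, y) in enumerate(zip(a, b)) if x != y]


def digest(name, data):
    """Hex digest of data under the named hashlib algorithm."""
    return hashlib.new(name, data).hexdigest()


def collides(name, a, b):
    """True if both inputs hash to the same digest under the named hash."""
    return digest(name, a) == digest(name, b)


def collision_survives_suffix(suffix):
    """MD5 is Merkle-Damgard: after the colliding blocks the internal state is
    identical, so any common suffix keeps the digests equal. This is what lets
    two archives or PostScript files share one MD5 yet branch on which block
    they contain."""
    return collides("md5", BLOCK_A + suffix, BLOCK_B + suffix)


# Toy stand-in for a signature scheme that signs hash(message): the tag binds
# to the digest only, so whatever collides under the hash carries the tag.
def sign_digest_only(key, name, data):
    return hmac.new(key, digest(name, data).encode(), "sha256").hexdigest()


def verify_digest_only(key, name, data, tag):
    return hmac.compare_digest(sign_digest_only(key, name, data), tag)


def signature_transfers(name, key=b"constructed-demo-key"):
    """Sign BLOCK_A, then check whether the same tag verifies for BLOCK_B."""
    tag = sign_digest_only(key, name, BLOCK_A)
    return verify_digest_only(key, name, BLOCK_B, tag)


if __name__ == "__main__":
    print("differing bytes:", differing_positions(BLOCK_A, BLOCK_B))
    print("md5 collides:   ", collides("md5", BLOCK_A, BLOCK_B))
    print("sha256 collides:", collides("sha256", BLOCK_A, BLOCK_B))
    print("md5 tag from A verifies B:   ", signature_transfers("md5"))
    print("sha256 tag from A verifies B:", signature_transfers("sha256"))
    print("collision survives suffix:", collision_survives_suffix(b"trailer"))
```

The check that matters for a defender is the last pair of lines: the tag computed over the MD5 digest of one input verifies for the other, while the SHA-256 version does not, which is why a signature scheme built on MD5 cannot be trusted to bind a signature to a single document.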
Basically they could create HTTPS certificates for any domain (microsoft.com, gmail.com, etc.) and it would be shown valid by the browser. So MD5 collisions really are useful in practical real-world attacks.