From what I understand, collisions under MD5 are very easy, but preimages are hard. On its own, MD5 is fast enough to brute force any password, even with a salt. But using MD5 as the algorithm to PBKDF2 (with an appropriate salt and iteration count) should take a long time, right?
This is a theoretical question, I'd never actually do this, but am I getting anything wrong here? This would still be Very Secure, right?