Closed-source clients have the ability to send your Bitcoins where you don't want, or simply steal your wallet.dat, but can't affect the network as a whole. Even open source miners simply hash what is handed them by a server. The vulnerability lies with a powerful pool (Deepbit for example) verifying invalid blocks and splitting the chain.